urlscan.io logo urlscan.io
SecurityTrails logo

telegrafi.com Open in urlscan Pro
2606:4700:e2::ac40:8115  Public Scan

Go To Rescan Add Verdict Report
URL: https://telegrafi.com/
Submission: On July 13 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 110 IPs in 17 countries across 106 domains to perform 387 HTTP transactions. The main IP is 2606:4700:e2::ac40:8115, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegrafi.com. The Cisco Umbrella rank of the primary domain is 288311.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 19th 2022. Valid for: a year.
This is the only time telegrafi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
90 2606:4700:e2:... 13335 (CLOUDFLAR...)
12 2a03:90c0:41:... 199524 (GCORE)
11 146.0.227.108 29066 (VELIANET-...)
3 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 52.239.139.164 8075 (MICROSOFT...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 95.217.114.174 24940 (HETZNER-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 116.203.211.129 24940 (HETZNER-AS)
1 6 37.157.4.28 198622 (ADFORM)
1 37.157.6.235 198622 (ADFORM)
2 31.28.167.114 15497 (COLOCALL ...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:206... 16509 (AMAZON-02)
3 151.101.65.44 54113 (FASTLY)
4 2a03:2880:f02... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 188.40.115.111 24940 (HETZNER-AS)
3 69.173.144.138 26667 (RUBICONPR...)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 4 37.157.3.30 198622 (ADFORM)
1 2600:9000:206... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
4 2a03:2880:f12... 32934 (FACEBOOK)
2 46.105.202.39 16276 (OVH)
15 2606:4700:303... 13335 (CLOUDFLAR...)
2 46.101.145.111 14061 (DIGITALOC...)
2 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.67.149.72 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 23.227.146.234 55081 (24SHELLS)
8 51.75.86.98 16276 (OVH)
1 4 5.178.65.246 50673 (SERVERIUS-AS)
2 23.227.146.18 55081 (24SHELLS)
2 2 217.65.2.150 29076 (CITYTELEC...)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 2 194.247.175.26 196831 (BEMOBILE-AS)
2 8.2.110.114 46636 (NATCOWEB)
5 7 185.89.211.85 29990 (ASN-APPNEX)
3 11 104.18.19.126 13335 (CLOUDFLAR...)
1 9 146.0.227.110 20773 (GODADDY)
1 2 159.69.141.123 24940 (HETZNER-AS)
2 2 51.83.220.94 16276 (OVH)
2 185.64.190.79 62713 (AS-PUBMATIC)
1 8.2.110.206 46636 (NATCOWEB)
2 72.251.249.14 29791 (VOXEL-DOT...)
2 2 3.126.56.137 16509 (AMAZON-02)
2 193.200.65.6 6681 (GIVEME-CLOUD)
3 3 199.115.119.227 30633 (LEASEWEB-...)
7 7 18.196.115.149 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 82.145.213.8 39832 (NO-OPERA)
1 2 185.184.8.90 204995 (RTB-HOUSE...)
1 83.222.114.186 42632 (MNOGOBYTE...)
1 183.110.238.136 4766 (KIXS-AS-K...)
1 149.202.74.47 16276 (OVH)
1 185.46.149.20 44600 (GT-AS)
2 66.155.71.149 13768 (COGECO-PEER1)
2 4 35.227.252.103 15169 (GOOGLE)
5 13 54.89.128.231 14618 (AMAZON-AES)
4 5.178.65.252 50673 (SERVERIUS-AS)
4 46.249.52.249 50673 (SERVERIUS-AS)
4 4 23.75.240.210 16625 (AKAMAI-AS)
8 23.205.235.133 16625 (AKAMAI-AS)
6 23.35.236.201 16625 (AKAMAI-AS)
2 104.18.18.126 13335 (CLOUDFLAR...)
2 205.234.175.175 23352 (SERVERCEN...)
19 2606:4700:10:... 13335 (CLOUDFLAR...)
3 185.64.190.78 62713 (AS-PUBMATIC)
5 7 142.250.185.226 15169 (GOOGLE)
3 4 35.227.248.159 15169 (GOOGLE)
3 3.33.220.150 16509 (AMAZON-02)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.248.26.113 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
1 185.15.245.81 24961 (MYLOC-AS ...)
2 4 54.220.48.180 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.64.108.197 16509 (AMAZON-02)
2 63.34.119.235 16509 (AMAZON-02)
1 168.119.149.178 24940 (HETZNER-AS)
2 2 151.101.194.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 35.173.74.115 14618 (AMAZON-AES)
1 2 52.95.115.196 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
2 2 54.229.14.30 16509 (AMAZON-02)
1 2 52.46.155.104 16509 (AMAZON-02)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 34.204.146.63 14618 (AMAZON-AES)
1 1 34.192.82.213 14618 (AMAZON-AES)
2 2 35.159.35.35 16509 (AMAZON-02)
1 64.225.44.23 14061 (DIGITALOC...)
2 64.227.60.121 14061 (DIGITALOC...)
4 65.9.66.122 16509 (AMAZON-02)
2 212.129.3.113 12876 (Online SAS)
2 14 23.227.139.243 55081 (24SHELLS)
2 67.202.105.34 32748 (STEADFAST)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 54.155.65.255 16509 (AMAZON-02)
2 2 213.19.147.45 26120 (RHYTHMONE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 104.26.0.156 13335 (CLOUDFLAR...)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 185.89.210.90 29990 (ASN-APPNEX)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2 52.31.203.171 16509 (AMAZON-02)
1 2 169.50.137.184 36351 (SOFTLAYER)
1 1 54.171.137.8 16509 (AMAZON-02)
1 63.251.232.165 29791 (VOXEL-DOT...)
1 1 34.199.163.65 14618 (AMAZON-AES)
4 69.173.144.139 26667 (RUBICONPR...)
2 3.121.27.153 16509 (AMAZON-02)
1 1 37.157.4.25 198622 (ADFORM)
1 209.205.197.154 ()
2 104.254.151.36 ()
1 34.204.132.155 ()
1 185.255.84.150 ()
1 52.59.38.241 ()
2 178.250.0.165 ()
5 35.157.194.177 ()
5 81.17.55.113 ()
1 178.250.2.83 ()
2 152.228.222.122 ()
1 104.17.120.107 ()
387 110
90    2606:4700:e2::ac40:8115 (United States)

ASN13335 (CLOUDFLARENET, US)
telegrafi.com
12    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.futureads.io
cdn.admixer.net
11    146.0.227.108 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
ads.futureads.io
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
pahtuo.tech
1    52.239.139.164 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gjstatic.blob.core.windows.net
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    95.217.114.174 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ap10.adplayer.pro
serving.stat-rock.com
1    2606:4700:3031::ac43:a8b4 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
1    116.203.211.129 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.129.211.203.116.clients.your-server.de
cdn.onthe.io
6    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    31.28.167.114 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 167-114.admixercdn-s2.cc.colocall.com
s1.v-player.net
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:206f:6600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
4    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
5    188.40.115.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.111.115.40.188.clients.your-server.de
tt.onthe.io
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    2600:9000:206f:4e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:2057:f000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
4    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    46.105.202.39 (France)

ASN16276 (OVH, FR)
u.heatmap.it
15    2606:4700:3030::ac43:c0ad (United States)

ASN13335 (CLOUDFLARENET, US)
telegra.fi
2    46.101.145.111 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn.webpushr.com
2    2600:9000:206f:4a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    3.67.149.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-149-72.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    23.227.146.234 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
8    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
4    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
2    23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
2    217.65.2.150 (Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
2    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
2    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
7    185.89.211.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
11    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
9    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    159.69.141.123 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.123.141.69.159.clients.your-server.de
exchange.buzzoola.com
2    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
2    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
3    199.115.119.227 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
7    18.196.115.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-115-149.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    83.222.114.186 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
1    149.202.74.47 (France)

ASN16276 (OVH, FR)
PTR: eu6.heatmap.it
eu6.heatmap.it
1    185.46.149.20 (Ukraine)

ASN44600 (GT-AS, UA)
PTR: 185-46-149-20.net.gigatrans.ua
c1.futureads.io
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
13    54.89.128.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-128-231.compute-1.amazonaws.com
a.audrte.com
4    5.178.65.252 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
4    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
4    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
2    205.234.175.175 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
19    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2600:1f18:6593:f602:96e:5500:bf36:df5c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:d4fc:f527:7aed:872f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.248.26.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
4    54.220.48.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.64.108.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-108-197.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    63.34.119.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-119-235.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    168.119.149.178 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.149.119.168.clients.your-server.de
sync.richaudience.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    35.173.74.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-74-115.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    54.229.14.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-14-30.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    34.204.146.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-146-63.compute-1.amazonaws.com
nep.advangelists.com
1    34.192.82.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-82-213.compute-1.amazonaws.com
s.company-target.com
2    35.159.35.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-35-35.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    64.225.44.23 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
bot.webpushr.com
2    64.227.60.121 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
analytics.webpushr.com
4    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    212.129.3.113 (Lorient, France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-113.rev.poneytelecom.eu
js.cookieless-data.com
14    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
2    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    54.155.65.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-65-255.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    2a02:6ea0:c700::11 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    104.26.0.156 (United States)

ASN13335 (CLOUDFLARENET, US)
bisko.gjirafa.com
central.gjirafa.com
1    2a05:d018:d29:3602:d584:42d3:abd8:529d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    52.31.203.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-203-171.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    54.171.137.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com
d.adroll.com
1    63.251.232.165 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    34.199.163.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-163-65.compute-1.amazonaws.com
sync.extend.tv
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    209.205.197.154 (None, )

ASN- ()
ghb.adtelligent.com
2    104.254.151.36 (None, )

ASN- ()
ib.adnxs-simple.com
1    34.204.132.155 (None, )

ASN- ()
brightcombid.marphezis.com
1    185.255.84.150 (None, )

ASN- ()
hb-api.omnitagjs.com
1    52.59.38.241 (None, )

ASN- ()
hb.emxdgt.com
2    178.250.0.165 (None, )

ASN- ()
bidder.criteo.com
5    35.157.194.177 (None, )

ASN- ()
btlr.sharethrough.com
5    81.17.55.113 (None, )

ASN- ()
prg.smartadserver.com
1    178.250.2.83 (None, )

ASN- ()
ssp-sync.criteo.com
2    152.228.222.122 (None, )

ASN- ()
s333.adxpremium.services
1    104.17.120.107 (None, )

ASN- ()
biddr.brealtime.com
Apex Domain
Subdomains		 Transfer
90 telegrafi.com
telegrafi.com — Cisco Umbrella Rank: 288311
2 MB
20 futureads.io
scripts.futureads.io — Cisco Umbrella Rank: 763509
ads.futureads.io — Cisco Umbrella Rank: 852248
c1.futureads.io
745 KB
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1822
mwzeom.zeotap.com — Cisco Umbrella Rank: 1465
6 KB
19 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 372
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1165
eus.rubiconproject.com — Cisco Umbrella Rank: 630
token.rubiconproject.com — Cisco Umbrella Rank: 787
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2473
44 KB
17 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 4476
sync.adtelligent.com — Cisco Umbrella Rank: 3940
ghb.adtelligent.com
9 KB
15 telegra.fi
telegra.fi — Cisco Umbrella Rank: 800728
1 MB
14 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5165
s.e-planning.net — Cisco Umbrella Rank: 7755
u-ams02.e-planning.net — Cisco Umbrella Rank: 68283
i.e-planning.net — Cisco Umbrella Rank: 7805
7 KB
13 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2561
16 KB
13 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
ssum.casalemedia.com — Cisco Umbrella Rank: 1422
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 597
13 KB
13 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 47445
inv-nets.admixer.net — Cisco Umbrella Rank: 3040
57 KB
12 adform.net
adx.adform.net — Cisco Umbrella Rank: 3780
s1.adform.net — Cisco Umbrella Rank: 8361
dmp.adform.net — Cisco Umbrella Rank: 4474
cm.adform.net — Cisco Umbrella Rank: 1718
31 KB
11 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 632
ads.pubmatic.com — Cisco Umbrella Rank: 531
image6.pubmatic.com — Cisco Umbrella Rank: 684
35 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
cm.g.doubleclick.net — Cisco Umbrella Rank: 223
158 KB
8 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 990
tags.crwdcntrl.net — Cisco Umbrella Rank: 1460
98 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 436
6 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 849
38 B
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 315
4 KB
6 onthe.io
cdn.onthe.io — Cisco Umbrella Rank: 15498
tt.onthe.io — Cisco Umbrella Rank: 12163
24 KB
5 smartadserver.com
prg.smartadserver.com
3 KB
5 sharethrough.com
btlr.sharethrough.com
556 B
5 webpushr.com
cdn.webpushr.com — Cisco Umbrella Rank: 25409
bot.webpushr.com — Cisco Umbrella Rank: 46651
analytics.webpushr.com — Cisco Umbrella Rank: 35969
19 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
region1.google-analytics.com — Cisco Umbrella Rank: 2603
59 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1276
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
3 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 500
1 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1906
455 B
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 290
cms.analytics.yahoo.com — Cisco Umbrella Rank: 911
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 528
3 KB
4 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5067
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5625
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
476 B
4 quantcast.com
test.cmp.quantcast.com — Cisco Umbrella Rank: 10502
cmp.quantcast.com — Cisco Umbrella Rank: 4594
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11891
99 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2262
www.google.com — Cisco Umbrella Rank: 17
78 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
197 KB
3 criteo.com
bidder.criteo.com
ssp-sync.criteo.com
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 504
usermatch.krxd.net — Cisco Umbrella Rank: 1355
942 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 399
793 B
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 5400
1 KB
3 heatmap.it
u.heatmap.it — Cisco Umbrella Rank: 31465
eu6.heatmap.it — Cisco Umbrella Rank: 230157
11 KB
3 gstatic.com
fonts.gstatic.com
51 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1049
trc.taboola.com — Cisco Umbrella Rank: 702
167 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
207 KB
2 adxpremium.services
s333.adxpremium.services
533 B
2 adnxs-simple.com
ib.adnxs-simple.com
2 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1095
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1074
841 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 540
1 KB
2 gjirafa.com
bisko.gjirafa.com — Cisco Umbrella Rank: 366737
central.gjirafa.com
4 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 586
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 692
655 B
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 3965
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7340
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 893
1 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 67450
427 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 689
851 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 35441
682 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 213
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1254
751 B
2 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3672
382 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 662
678 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2431
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 524
pixel.mathtag.com — Cisco Umbrella Rank: 1130
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5819
745 B
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 94635
702 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 731
554 B
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 6935
536 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 17949
543 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 6028
258 B
2 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 113565
467 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2468
657 B
2 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 29474
565 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1044
2 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1149
pixel.quantserve.com — Cisco Umbrella Rank: 489
10 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2581
45 KB
2 v-player.net
s1.v-player.net
196 KB
1 brealtime.com
biddr.brealtime.com
1 KB
1 emxdgt.com
hb.emxdgt.com
157 B
1 omnitagjs.com
hb-api.omnitagjs.com
1 KB
1 marphezis.com
brightcombid.marphezis.com
112 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 2140
546 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1702
408 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1676
112 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 973
425 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 4681
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1071
393 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 5173
399 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2832
232 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1087
44 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 538
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2010
359 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 492
528 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 17984
272 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1776
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 114161
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8368
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 14680
411 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 6763
904 B
1 com.ru
rtb.com.ru — Cisco Umbrella Rank: 32313
240 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2802
464 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 7994
510 B
1 google.de
www.google.de — Cisco Umbrella Rank: 4915
501 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1093
354 B
1 aghtag.tech
aghtag.tech — Cisco Umbrella Rank: 37286
83 KB
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 55743
86 KB
1 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 13441
98 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 649
39 KB
1 windows.net
gjstatic.blob.core.windows.net — Cisco Umbrella Rank: 275812
8 KB
1 pahtuo.tech
pahtuo.tech — Cisco Umbrella Rank: 293987
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
1 KB
387 106
Domain Requested by
90 telegrafi.com telegrafi.com
15 telegra.fi telegrafi.com
13 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
13 a.audrte.com 5 redirects ads.us.e-planning.net
a.audrte.com
telegrafi.com
s.adtelligent.com
12 sync.adtelligent.com 1 redirects s.adtelligent.com
ads.us.e-planning.net
s.console.adtarget.com.tr
11 ads.futureads.io telegrafi.com
cdn.admixer.net
www.googletagmanager.com
scripts.futureads.io
9 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
9 inv-nets.admixer.net 1 redirects telegrafi.com
ads.us.e-planning.net
adxbid.info
8 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
s.adtelligent.com
8 onetag-sys.com ads.futureads.io
telegrafi.com
ads.us.e-planning.net
s.adtelligent.com
adxbid.info
8 scripts.futureads.io telegrafi.com
scripts.futureads.io
7 cm.g.doubleclick.net 5 redirects spl.zeotap.com
ssum.casalemedia.com
7 x.bidswitch.net 7 redirects
7 ib.adnxs.com 5 redirects telegrafi.com
spl.zeotap.com
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 ads.pubmatic.com ads.us.e-planning.net
s.adtelligent.com
adxbid.info
6 adx.adform.net 1 redirects telegrafi.com
s1.adform.net
adxbid.info
5 prg.smartadserver.com adxbid.info
5 btlr.sharethrough.com adxbid.info
5 tt.onthe.io cdn.onthe.io
4 token.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
4 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 secure-assets.rubiconproject.com 4 redirects
4 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
4 s.e-planning.net ads.us.e-planning.net
4 rtb.openx.net 2 redirects ads.us.e-planning.net
4 ads.us.e-planning.net 1 redirects ads.futureads.io
telegrafi.com
s.adtelligent.com
4 s.adtelligent.com ads.futureads.io
telegrafi.com
s.adtelligent.com
adxbid.info
4 www.facebook.com connect.facebook.net
telegrafi.com
4 dmp.adform.net 2 redirects telegrafi.com
spl.zeotap.com
4 cdn.admixer.net ads.futureads.io
scripts.futureads.io
4 connect.facebook.net telegrafi.com
connect.facebook.net
3 match.adsrvr.org spl.zeotap.com
ssum.casalemedia.com
s.adtelligent.com
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 sync.lemmatechnologies.com 3 redirects
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com telegrafi.com
www.google-analytics.com
3 www.googletagmanager.com telegrafi.com
www.googletagmanager.com
3 securepubads.g.doubleclick.net telegrafi.com
securepubads.g.doubleclick.net
2 s333.adxpremium.services adxbid.info
2 bidder.criteo.com adxbid.info
static.criteo.net
2 ib.adnxs-simple.com adxbid.info
2 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
2 ps.eyeota.net telegrafi.com
s.adtelligent.com
2 um.simpli.fi 1 redirects ssum.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 sync.1rx.io 2 redirects
2 ad.360yield.com 2 redirects
2 ic.tynt.com s.adtelligent.com
adxbid.info
2 js.cookieless-data.com s.e-planning.net
2 analytics.webpushr.com cdn.webpushr.com
2 pm.w55c.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 i.e-planning.net ads.us.e-planning.net
2 ssum.casalemedia.com ads.us.e-planning.net
2 pixel.sitescout.com ads.us.e-planning.net
2 creativecdn.com 1 redirects telegrafi.com
2 ads.betweendigital.com 2 redirects
2 pool.admedo.com 2 redirects
2 m.trafmag.com telegrafi.com
2 ups.analytics.yahoo.com 2 redirects
2 ap.lijit.com telegrafi.com
s.adtelligent.com
2 image8.pubmatic.com telegrafi.com
2 a4p.adpartner.pro 2 redirects
2 exchange.buzzoola.com 1 redirects telegrafi.com
2 ssum-sec.casalemedia.com 2 redirects
2 us.ck-ie.com telegrafi.com
2 pa.tns-ua.com 1 redirects telegrafi.com
2 an.yandex.ru 1 redirects telegrafi.com
2 match.new-programmatic.com 2 redirects
2 s.console.adtarget.com.tr telegrafi.com
s.adtelligent.com
2 cmp.quantcast.com quantcast.mgr.consensu.org
2 cdn.webpushr.com telegrafi.com
2 u.heatmap.it telegrafi.com
u.heatmap.it
2 unpkg.com 1 redirects telegrafi.com
2 region1.google-analytics.com www.googletagmanager.com
2 pixel.rubiconproject.com telegrafi.com
s.adtelligent.com
2 cdn.taboola.com telegrafi.com
cdn.taboola.com
2 quantcast.mgr.consensu.org telegrafi.com
quantcast.mgr.consensu.org
2 s1.v-player.net telegrafi.com
s1.v-player.net
1 biddr.brealtime.com adxbid.info
1 ssp-sync.criteo.com static.criteo.net
1 hb.emxdgt.com adxbid.info
1 hb-api.omnitagjs.com adxbid.info
1 brightcombid.marphezis.com adxbid.info
1 ghb.adtelligent.com adxbid.info
1 central.gjirafa.com adxbid.info
1 cm.adform.net 1 redirects
1 pixel-eu.rubiconproject.com ads.us.e-planning.net
1 sync.extend.tv 1 redirects
1 cm.adgrx.com ssum.casalemedia.com
1 d.adroll.com 1 redirects
1 ad.turn.com 1 redirects
1 secure.adnxs.com ssum.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 bisko.gjirafa.com telegrafi.com
1 vid.vidoomy.com s.adtelligent.com
1 csync.loopme.me 1 redirects
1 bot.webpushr.com cdn.webpushr.com
1 s.company-target.com 1 redirects
1 nep.advangelists.com 1 redirects
1 match.deepintent.com ssum.casalemedia.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 c1.futureads.io telegrafi.com
1 eu6.heatmap.it telegrafi.com
1 idsync.admixer.co.kr telegrafi.com
1 rtb.com.ru telegrafi.com
1 t.adx.opera.com telegrafi.com
1 pixel.quantserve.com 1 redirects
1 sync.mathtag.com 1 redirects
1 cs.mobfox.com telegrafi.com
1 www.google.de telegrafi.com
1 www.google.com telegrafi.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 stats.g.doubleclick.net www.google-analytics.com
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 aghtag.tech pahtuo.tech
1 s1.adform.net telegrafi.com
1 cdn.onthe.io telegrafi.com
1 adxbid.info telegrafi.com
1 serving.stat-rock.com telegrafi.com
1 static.criteo.net telegrafi.com
1 gjstatic.blob.core.windows.net telegrafi.com
1 pahtuo.tech telegrafi.com
1 fonts.googleapis.com telegrafi.com
387 148
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-19 -
2023-05-19		 a year crt.sh
*.futureads.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-31 -
2022-08-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-06-15 -
2023-06-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
serving.stat-rock.com
R3		 2022-07-03 -
2022-10-01		 3 months crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-02 -
2023-07-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.v-player.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-11 -
2023-02-22		 a year crt.sh
*.cmp.quantcast.com
R3		 2022-06-24 -
2022-09-22		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-21 -
2022-07-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.heatmap.it
Sectigo RSA Domain Validation Secure Server CA		 2022-06-12 -
2023-06-26		 a year crt.sh
*.webpushr.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-13 -
2023-05-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-05-28 -
2022-08-26		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.mobfox.com
R3		 2022-06-28 -
2022-09-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
rtb.com.ru
R3		 2022-05-26 -
2022-08-24		 3 months crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
dmp.theadex.com
R3		 2022-06-27 -
2022-09-25		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-05-29 -
2022-08-27		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
gjirafa.com
Cloudflare Inc ECC CA-3		 2022-05-31 -
2023-05-30		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-05-27 -
2022-08-25		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-06 -
2022-09-04		 3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2022-02-25 -
2023-03-28		 a year crt.sh
marphezis.com
Amazon		 2021-11-30 -
2022-12-28		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh

This page contains 41 frames:

Primary Page: https://telegrafi.com/
Frame ID: 83B70FEEBA0EFABBE55CB134EF592702
Requests: 249 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: A9C14638C881578F43097B9BB18CFBC7
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 106A9A7A31E7F5C349A68858DDFE3871
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: E7B692DEE84C55A81D3266FD33F2DB71
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: EB49F83E7DF6C56FE469BBE3B93DC6B3
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 3E866099DD775ADBE643B2D12EC7EA77
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da3da845569752495%26uid%3D
Frame ID: 42AFBEA6943A802BA0E46F5F07DFFE20
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Frame ID: 98363BC3C652CC8ADDC4F04AD4E084FF
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 9944D228AC284EE3517F1A0216B85DB3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: FC3148B562CBE43219FB15C71933930E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&cmp=0
Frame ID: 97D91D6804C4901E9AE4551C76F92F8E
Requests: 30 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 6C5C746AE8396C4109DAF32A31C69A79
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AEMDRDDBcfVjlVcL
Frame ID: 4DD0A32781C3B223B471AFA5CD6B0054
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 13BE3DCF684AAA7ED40E4809F46C579B
Requests: 13 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5528122310733549132
Frame ID: 9DF3B3F413669B4704D669A95E669173
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 6B43E330DD8EEBE8A2307683F0205EB1
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 399161770D9260C152CAF0340B9D404D
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 140302E4822EBA5396D6E821525BE4FF
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ed11beac-a887-4694-bc0d-d91cf4334b38
Frame ID: B0C2620405F8FC3439AC596593B3E0AA
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 1E56EBCF873A5EB0CA6967249D46E5D2
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: BA1C7A97D6D391EFCFB1C1ED2991F71F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: FCA28EE7716C2FE188B07C500EAF1F5D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D66785e16a13a20cd%26uid%3D
Frame ID: 640DD778F1A6B53D0CE61F9A57AE8678
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Frame ID: 1542CE905F5F9162026F4DA9508C9AE6
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 299216143EBEF20EFA9040DA22996D70
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 0313543E51A7BBBE304FDAD07C1E0280
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=09d2714e-8f1c-478a-6531-92cae99db450&zdid=1361&cmp=0
Frame ID: B2640996B1A43468207CC1570DD2B430
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 7F99DD48E6FA5EA76E341E1A57D356CD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 3600EEC597EEC848639889DCBDC64B44
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 97F1BD598C3F5FB56D12F97DF700192E
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 55B8CAB252FB7948D52166A306E0F84D
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AEMDRDDBcfVjlVcL
Frame ID: EF282D7C0940A083281551B89055438E
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=186923677972495079
Frame ID: 14CD85A8F15E38CBDD9A026792C875FA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: A7041DF5D90FCFF7A8993F60B914CE55
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: BC09DBD328B01F8BE315EB8A1B19EDAD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 474C2DDEE55F3C99DDE657536D84FCCE
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 332EEF974EF9B3862D796952D439146A
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: B0154CD018888062308A837E698BD607
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 5EA707FFA1C2136C92C11690E208FD9B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: DF2D005230B442D43E15CB674760152D
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 664C38514FCE39FC3DC86F01FC596FD8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lajmet e fundit - Telegrafi

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

387
Requests

87 %
HTTPS

23 %
IPv6

106
Domains

148
Subdomains

110
IPs

17
Countries

6163 kB
Transfer

15411 kB
Size

113
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://adx.adform.net/adx/?mid=621729&rnd=native1 HTTP 302
  • https://adx.adform.net/adx/?CC=1&mid=621729&rnd=native1
Request Chain 101
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Request Chain 150
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 152
  • https://match.new-programmatic.com/userbind?src=admixer&id=a5fcba050c7c4e63864a764e9984acbe HTTP 302
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?sign=3397383874 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1&sign=3397383874
Request Chain 153
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a5fcba050c7c4e63864a764e9984acbe HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z12E6394C6AB486BB18894D04A34E2CB&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a5fcba050c7c4e63864a764e9984acbe
Request Chain 155
  • https://ib.adnxs.com/setuid?entity=533&code=a5fcba050c7c4e63864a764e9984acbe HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Da5fcba050c7c4e63864a764e9984acbe
Request Chain 156
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB
Request Chain 157
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=a5fcba050c7c4e63864a764e9984acbe HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=a5fcba050c7c4e63864a764e9984acbe
Request Chain 158
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=32ce30ec-324d-446d-8fd6-028b5129a2d4
Request Chain 162
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-zhs1RA5E2uE8KM6Uv6iuDqr_u6s_jfOIM0IX8dQ-~A
Request Chain 165
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Da5fcba050c7c4e63864a764e9984acbe HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=52442b0e-0299-11ed-9598-801844df0ab8 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=b4fdc90e-5e78-46aa-98d2-effe521895f3 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=b4fdc90e-5e78-46aa-98d2-effe521895f3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4a3b6cc1-cb91-430f-bd81-38bc70a0b3e1&user_group=1&ssp=lemma&bsw_param=b4fdc90e-5e78-46aa-98d2-effe521895f3 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=b4fdc90e-5e78-46aa-98d2-effe521895f3 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=52442b0e-0299-11ed-9598-801844df0ab8 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dlemma%26bsw_param%3Db4fdc90e-5e78-46aa-98d2-effe521895f3&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=ccc162ce-a2f9-4400-957f-715ec1ebffdf&expires=30&ssp=lemma&bsw_param=b4fdc90e-5e78-46aa-98d2-effe521895f3&gdpr=&gdpr_consent= HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=b4fdc90e-5e78-46aa-98d2-effe521895f3 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=a5fcba050c7c4e63864a764e9984acbe52442b0e-0299-11ed-9598-801844df0ab8
Request Chain 166
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=5cbcf275-b31c-52c2-918f-bb5af34119a3
Request Chain 167
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=a5fcba050c7c4e63864a764e9984acbe&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=a5fcba050c7c4e63864a764e9984acbe&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=admixer&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=admixer&&user_id=S_Ai_BzwJ6BQ8if9SaZs_Ev2ca5Q-nmgSaR3ctUU HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=b4fdc90e-5e78-46aa-98d2-effe521895f3&gdpr=&consent=&gdpr_pd=
Request Chain 170
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 186
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da3da845569752495%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a3da845569752495&uid=5528122310733549132
Request Chain 187
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 197
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=07f3ea05-5353-47f1-9050-c2a0374095ff&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Request Chain 203
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=114c1a0a-dfe1-45ea-b979-9e540808fd51&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 204
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=dc9656c9-b4c5-479e-4b6e-502d4babe100&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=dc9656c9-b4c5-479e-4b6e-502d4babe100&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=31926936000866726094050903290960242782&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Request Chain 206
  • https://bn01.er.bemail.it/zeotap.php?_bid=dc9656c9-b4c5-479e-4b6e-502d4babe100&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022071315-11397-0.754838001657719802-cb8f3db4facddf5d17fa57dd4cdd77b4&zdid=533&env=mWeb
Request Chain 207
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7119807251255851151&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Request Chain 208
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=dc9656c9-b4c5-479e-4b6e-502d4babe100 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=dc9656c9-b4c5-479e-4b6e-502d4babe100
Request Chain 209
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dc9656c9-b4c5-479e-4b6e-502d4babe100&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dc9656c9-b4c5-479e-4b6e-502d4babe100&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361&bounce=1&random=1669436803 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=eqMxM1KQuUtK/mrYnrsajO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Request Chain 211
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=dc9656c9-b4c5-479e-4b6e-502d4babe100?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=dc9656c9-b4c5-479e-4b6e-502d4babe100?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Request Chain 212
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-.w9pADRE2oqzeWl1WYjdAEUodeZhkAdRAQ--~A&zpartnerid=570&env=mWeb
Request Chain 213
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=X6RJdMCsSC3nOzXujU2XLdyDeD9YB3vx%2BS41iYitP1U%3D
Request Chain 216
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361&_test=Ys6i_QAP_xUYAQA2 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ys6i_QAP_xUYAQA2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&_test=Ys6i_QAP_xUYAQA2
Request Chain 217
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ccc162ce-a2f9-4400-957f-715ec1ebffdf&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Request Chain 218
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Request Chain 219
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dc9656c9-b4c5-479e-4b6e-502d4babe100&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dc9656c9-b4c5-479e-4b6e-502d4babe100&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&dcc=t
Request Chain 221
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Request Chain 224
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ys6i.ECuMi3VTmiGsMFpgAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Ys6i.ECuMi3VTmiGsMFpgAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELj62gLqi5SBL9V6xjIYa3Y&google_cver=1&gdpr=1&google_hm=2
Request Chain 226
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB&dcc=t
Request Chain 228
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0c302616-a143-4443-a09f-99d5f1eda58d
Request Chain 229
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1673606905&external_user_id=ce93922d-f60d-4399-ad60-10496c53bda1
Request Chain 230
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8HoJCylQ1ObzUR5&gdpr=1
Request Chain 243
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5528122310733549132
Request Chain 247
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ed11beac-a887-4694-bc0d-d91cf4334b38
Request Chain 250
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=0c7d51e7-b467-4627-b26e-4914d9492eed
Request Chain 251
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=32ce30ec-324d-446d-8fd6-028b5129a2d4
Request Chain 253
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5528122310733549132
Request Chain 254
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1657709305554 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4534868705
Request Chain 255
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7054103a-9903-4d4f-a488-8c84e4c76927
Request Chain 257
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=3c3614fa64574cc8923cc491eae08509
Request Chain 262
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D66785e16a13a20cd%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=66785e16a13a20cd&uid=5528122310733549132
Request Chain 263
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 271
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D09d2714e-8f1c-478a-6531-92cae99db450%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=09d2714e-8f1c-478a-6531-92cae99db450&zdid=1361
Request Chain 274
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 284
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3024677144009176105
Request Chain 285
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEaxE7FnUYAAA-CxqF0jA&expiration=1658918905&gdpr=1
Request Chain 286
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 287
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 289
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbc37151-87a4-4a46-8ace-7f8a8356f9d9
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent=&google_gid=CAESECL4Nj5M8bxOFSpauiYT8wA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=186923677972495079 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESECL4Nj5M8bxOFSpauiYT8wA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 309
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=186923677972495079 HTTP 302
  • https://a.audrte.com/p
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent=&google_gid=CAESECL4Nj5M8bxOFSpauiYT8wA&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 345
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=186923677972495079
Request Chain 346
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62570e5211e85bda
Request Chain 384
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d

387 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
telegrafi.com/ 		233 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b8a67c0bf56f37c1f28f00fbca7cc214b5102ff617a8089e38fa092e4a9c52

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72a1722c5d6fbb80-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 10:48:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://telegrafi.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Q7ONfARDyAJA6td8I3nNqPHVRVb4ZHY%2FX2wpXub72a3N%2BsQfChnRzuhdaiW9zh6dV7a6x1cbTfrWzxEfAXBlBM0PfozLbgBdbpWY4GG8uYOUHMgrD9VQyeXDh%2Br2PixpPBgTtRunEkkVh3g"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Origin
x-elasticpress-query
true
loader2.js
scripts.futureads.io/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/loader2.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-09T12:58:31+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Tue, 05 Jul 2022 13:08:06 GMT
dmpcnt.js
ads.futureads.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2F
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
8dbb91179609d2add05a1c5015671d99d3611bce22536974c7a2fcca587a9d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:23 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Cache-Control
no-store
Connection
keep-alive
Content-Type
application/javascript
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
6d0862ce58a4d3d28d8a6755c40d61714fd333af6b4ce959ed94691a54ca3f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28037
x-xss-protection
0
server
sffe
etag
"1272 / 755 of 1000 / last-modified: 1657708503"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Jul 2022 10:48:23 GMT
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a273072d4326cf4fff7510301462667c0c97a389b2428ca9f96a88316bec31f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 10:00:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 10:48:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 10:48:23 GMT
js
www.googletagmanager.com/gtag/ 		195 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VLYQGEH6F0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8472eaafc1871e5c4aa257457bbb29cbc12a7040e01ca28f24492f61350ec451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71035
x-xss-protection
0
expires
Wed, 13 Jul 2022 10:48:23 GMT
zuck.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/stories/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/stories/zuck.min.css?ver=0.0.66
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c585b20a808a86544de8a30986d414790a235565c0f258a6906e8ab95a1ea3
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 06 Mar 2020 09:41:57 GMT
server
cloudflare
etag
W/"5e621ae5-2720"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Md%2BlLdLUDDblV%2Fg13OiRkq6lJKFIemfA2vzFIZpmW2oqPsk7E5pXdZ6EIm%2FvxrOzEGBIZ6lLgbEzypIEFpmttXvJNYdKYzbTkzBc7edmvadcg71UGUaOFf7Yemo2DuBJtRPJ2AY2LuCYeco8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe57bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
bootstrap.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/bootstrap.min.css
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9fe71e05e63690230d5fc96364a60e2ca70c51d1c957dfc44a9bb66c877f23
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-5b8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBeeLRsWWRWJkL2MdUSZf%2BbRxYhdzUbSth2Taz%2BEfgwHKxT7El450QJz1RxdQTXzexBYFiTYUjMF%2BiGzzKoAmCE%2FbAbhahAPMEQfZocFWW%2FDDOKg9010CENTdovmWFR%2F5ooBAZBcPqeqxHh6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe59bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
styles.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		123 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/styles.min.css?ver=0.4.87
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e1548f442801895a837c8c9d4d61a52592b674dc7c3eff735c3f75d2bc5a262
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sat, 11 Jun 2022 17:26:09 GMT
server
cloudflare
etag
W/"62a4d031-1ecd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqbVMTVvP89eyt3PAgE8bnuERR6vwhkgAqUi3PjL46eQnUZFy5gdxG0%2B%2BEw8arX7HvIQyyo2bZaE6KdKovZLbJKrPojtzsZGOXAlFvflHunFZMIg9xGSLb0WsH%2FEe1GvqxQkG13qQ%2BefCngp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe5cbb80-FRA
expires
Sun, 11 Jun 2023 17:26:11 GMT
swiper.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/swiper.min.css?ver=1.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c6b74aab138b30b1e7e29cc1377c646142dd133db41771266f8c6466e380f3
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 11 Jun 2021 12:58:31 GMT
server
cloudflare
etag
W/"60c35df7-455e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9XzgECFwSmUbMg6%2FV7HXzN00FLq8UwpABMOAuN2L%2B6M7ZGGZgCFyqlTxHTEXNcLi1cxq47ZznK3h4mBI367FAyW3l6U7QKitKjFdP%2BSUtcEMWlbXJMO7zpf64f5O8a8RD%2BMnghoM2Ls5PBj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe60bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
style.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		83 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/style.min.css?ver=2.4.27
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ab87dead82405e7357f7c03ced2b4d5d3cb991e3fc59587c22486519ad1483
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 17 Jan 2022 11:55:53 GMT
server
cloudflare
etag
W/"61e55949-14b6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr%2B2p2CcyC0COLpMZjtKLI53mSn8flGTyK3ynzU7XnSMhZesn6JPSKhWlDNGt%2B8DknLLjqC6uzkKVAFfdJvscIByTbng3TnPhjC4g3wZfxSIxG3lXDrjvIyLQTlJ8mpqlAZ5nR7u%2Ft0%2BKtIX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe62bb80-FRA
expires
Sun, 11 Jun 2023 17:26:13 GMT
nadballina.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		2 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/nadballina.min.css?ver=0.13
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759a7832652307a3887378304f8ef16b8a9390e48172cbcfba5b2e7a23923778
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 04 Aug 2020 09:50:08 GMT
server
cloudflare
etag
W/"5f292f50-960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPChIbV5po%2FA%2Bd1dWDZXxnb7P%2BIqkxRZT60BQv0ahLdvZjSG1zPoqFGtAtw3MO2JNO1SWnWMzHuzoN%2FB2PeCI1n0XuPsOUTqgrkk7k%2BLBtXvNJcWYIzjHx6VpaLjCPy9ZsSW6KzvGmkWNhhb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe65bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
jquery.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/jquery.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-1787d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OJvnAc%2BRQpAjcYCc74h26gK8GctjW7Lq%2BX%2FSJdSiNrxyMeHvsRGVibMfCT7BPxJCrIynLTI83yuStCocRYcHOoGhHSoz0cMgbh%2FoZuPAl9ySxlaAZ2qh3d2xbySjFlt1rmXikZuKku61DVL"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe69bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
sticky.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/sticky.min.js?ver=1.5
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66078495f7cb24e6c59bc1a4e8e1ba63800dd8b7669a1b9201de1194d201aa9b
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 20 Oct 2020 08:36:24 GMT
server
cloudflare
etag
W/"5f8ea188-1b7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BS4pD4jSbi7Em%2BWI3xNtqX3Zs1XFRv1gDeHt2IZIMjZFxeslnO104%2BqLvnWLaxmekCmQD7BPpiSGNUEuVCVujayoJJvMiNTh7aqfeSaaHu8SrM%2FzPPx2bwd5HXekto3Smdvz4TRibY1j7ZVE"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe6cbb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
zuck.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/stories/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/stories/zuck.min.js?ver=0.0.26
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a413599926d697f1b97c79da6ad1d10047aa3b4b81c78bae0799fe23f26f468d
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 11 Dec 2019 17:10:56 GMT
server
cloudflare
etag
W/"5df12320-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snO3CB91xe4q2DSxUeucqeFm2SR%2FqSqqwJGFDImDgAJmSYIjvWWOMZd05pjPExqKlirSslW%2FjI1rWVvJKttXmh68mYsxPco3x4vJaBEBlv2ITecn1Tishs8HuNiso%2BDo3n27QJiHvC8CRnTP"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe6ebb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
nadballina.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/nadballina.min.js?ver=1.9.92
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e146cf548483ff23de03f7df499088925b151a115865bf5eaeb976e4e44d4a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 20 Oct 2021 08:46:34 GMT
server
cloudflare
etag
W/"616fd76a-3a14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAiRQryeZ8Owcg25CX82IN0BZHXosRREVcleLx852tj8rx89oV3W8M0Xz75CmAYEpgVNtnA9H1V22UFXsl%2Bc4T3O6FusyoqIFlH4L0rnZEZdEqLuVRC60YJCFauPI8Fo%2B50wFLfPlpJjbIsI"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cbe70bb80-FRA
expires
Thu, 20 Oct 2022 08:46:41 GMT
swiper.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/swiper/js/ 		142 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/swiper/js/swiper.min.js?ver=1.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24eaa87d394e82bf4c46c8fce9d490c95367a1c7366562b1c153dd5593e2531
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 11 Jun 2021 12:58:31 GMT
server
cloudflare
etag
W/"60c35df7-23827"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH82wk69eeCzrjshU%2FkKucPwcMHwERoMR6gS9ooM2rPK7fw5kNU6kwttTC0Mf6idIjxLqYqp%2Fmc%2FJaP5vSsWQ5ZNK124HOehx0Loeiy67vLsf76g20R9LYwoJMln3rzgepbB6EaySXnKNwBs"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cceb0bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
telegrafi.com.js
pahtuo.tech/c/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahtuo.tech/c/telegrafi.com.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54a3408d13e5f55f45c073164693022a1f0e4f15baa0cfd16c6e99e6ea9fa43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6957
cf-ray
72a1722d7f7e996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2012
x-amz-id-2
PGbrAQAf4LpdD12jQh47Pcqqu/WT4VA/JmEqDoKrk0Y/gxfzKo0oXiWHXuL8vSg7bALPx0VcxXzl3nn/XAgznw==
last-modified
Tue, 17 May 2022 12:31:58 GMT
server
cloudflare
etag
"234730c08bd43e52c95f13a5c7b98165"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am657E0dYbL1jQFCeXJ%2FnYHeUTNvtZ0454JvIvSiOEch0r2y3Xiou1xU4g1fVJQAvGQ%2Fij2VVmIgxVuK%2BWQAg8JWs7VDOKeD%2BdxTpx9XFMh12YL0xWdutpolBOcUydSnz%2Bbm05ykS1pGQw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
EG3ZW3J52E6M0R28
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
cmp.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/cmp.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3ac56ea7009181cb686ac18512efc3c94e6509c3920cea8e768c12fcfda6d1
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 14 Oct 2020 15:10:59 GMT
server
cloudflare
etag
W/"5f871503-107d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkGdsgRJT2iGKmjXb1SupwsTtaYMdZO6BAhlAo3VbjM%2Fn3%2FEEgholeEDXj%2FenQMUAQBC92AFPR0F%2Bb2l1qKtw6%2BFXHYjUGOpuXgis465YpK5RcHqUVgahDAl%2BpkrfoQZKSrwirfWCZKSmCOy"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722cceb4bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
gjdmp.js
gjstatic.blob.core.windows.net/fix/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d0c1782bb0405f51160f875de409e8468cd5dfb46eb3dd5291633eede4050685

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 13 Jul 2022 10:48:23 GMT
Last-Modified
Wed, 15 Jun 2022 14:47:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
KTogW+4kCxvbKgX0CMEOFg==
ETag
0x8DA4EDE073DBB36
Content-Type
application/javascript
x-ms-request-id
10d06c94-c01e-0096-7ba6-962368000000
x-ms-version
2009-09-19
Content-Length
8014
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 06:23:35 GMT
server
nginx
etag
W/"62bbefe7-1dc0d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Jul 2022 10:48:23 GMT
futureads.js
serving.stat-rock.com/player/ 		311 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/futureads.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.217.114.174 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap10.adplayer.pro
Software
nginx /
Resource Hash
11c394fe3a9ca0ddd99fc11e649c1bbf7870ff6fcb801e7820aad36de044ecee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 07:23:23 GMT
server
nginx
etag
W/"625fb4eb-4db8f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
telegrafi.js
adxbid.info/ 		294 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/telegrafi.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a8b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786c7eaded5e9987901e7e522fec4fb09ec5282d7050c4fa3634f6f17b2fb7d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Jul 2022 09:08:34 GMT
server
cloudflare
age
6316
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lh1LIh6BXqFr0YSYcw%2F8c%2BPKlr3g%2B1k5%2B92NqB2WMmDLKmo%2Foel%2FFUv9%2FfjJIfodBDtwWoSAzPFXJQt03%2Fk%2Fo9DnReydBplepmgATMq%2FQJVGcBqcJ%2BK7stcUg76tf1jQALe5ct5Z7QsX8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72a1722d8bba5c50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
DqfniW44qMqs
cdn.onthe.io/io.js/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/DqfniW44qMqs
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.203.211.129 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.129.211.203.116.clients.your-server.de
Software
nginx /
Resource Hash
6fe12f443d57fba3f686959e72e430698b8a78465c198284f3e44900361cbc28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 13:14:11 GMT
Server
nginx
ETag
W/"60e6fa23-11165"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Thu, 14 Jul 2022 10:48:23 GMT
telegrafi_logo.svg
telegrafi.com/wp-content/uploads/2017/02/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/02/telegrafi_logo.svg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d93d95a887c7049a48767ba91fb4d54802b9eb632fed06116967e5fa116fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735521
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Sun, 12 Feb 2017 14:51:21 GMT
server
cloudflare
etag
W/"58a07669-283a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0u%2BQ8CTOPem%2BvSK1ixFYt8KuiXT58cowC89EPXr%2B6ABcMKS%2B1E%2FxhIiU1Y1REB6eqCyb1zwIfabPLZcoN805KvekafFbG3WoyENsbXq69eS6AQROPc%2F5%2Bnp30wn2PDdUXYJr7t%2FABFam0FZu"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
72a1722d5ff9bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 23 Jun 2023 08:35:13 GMT
deals-logo.svg
telegrafi.com/wp-content/uploads/2021/04/ 		8 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2021/04/deals-logo.svg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ddb33c5357ea6bffbb48ef3e384b9a3011a7c09e81cac8e58909b190a42fdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735521
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Wed, 21 Apr 2021 12:18:07 GMT
server
cloudflare
etag
W/"608017ff-1eaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3I%2BjiC3PmaruzBYki8x7NdteNSqMU3qi3h%2FI6asVLrONLq20OMiDxt0mQjhFKCO7xHygTAry1ItMkJimcxsDPZX7eKYseQWTyVd%2BPFsUI5KO8McXFFdCizHfkfd3O5yKxVlDfeZmPtGGp4VO"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
72a1722d5801bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 23 Jun 2023 08:43:02 GMT
app-store.png
telegrafi.com/wp-content/uploads/2019/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/08/app-store.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c261e30a476d56f895b5a24412062f8d8a69ecf4b296d2428f4621901c4d42cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14613574
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4814
pragma
public
last-modified
Sun, 04 Aug 2019 11:30:54 GMT
server
cloudflare
etag
"5d46c1ee-12ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jt2h0y5ebRyIUpAzk%2Bw2AjQ64yRMqFhXpRiQSK9OwIG0wkJdM7unvhBDIKkZCn%2Bgm8kVYBoJUgYKTsUhMoiMOg2shI%2Bp7Fj7Jv3iwORZ9xbI69FfYO7iAKpcEfVe6hCM9rpLI1sW9YhYPBaR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Wed, 25 Jan 2023 07:28:49 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d5803bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
google-play.png
telegrafi.com/wp-content/uploads/2019/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/08/google-play.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a21de8e50cb5fec4d27925459bcefa46d0dfd9be177eaaa765fa1ec9c9c649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735521
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4431
pragma
public
last-modified
Sun, 04 Aug 2019 11:30:54 GMT
server
cloudflare
etag
"5d46c1ee-114f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHyFq6PFiyAmhQtcPmcHToYOOsS0jG3lm2etfyOkabkr1baYtXxY0wiiZA9pm36xZOhYjjGc3cun9EK6%2FaBbvDLyuxo78xOtV6KMTqTk0hFdOunUo69K6dr0N8SjFz%2Bkom3Dr63qMEaykGRw"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d5805bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 23 Jun 2023 08:43:02 GMT
292809935_1077790833132681_818120060366337446_n-1-780x439.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/292809935_1077790833132681_818120060366337446_n-1-780x439.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf25b6341443d677851c828ed0b7f276ae756e817919513f205bc4cb9e3248d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3488
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37873
pragma
public
last-modified
Wed, 13 Jul 2022 09:45:16 GMT
server
cloudflare
etag
"62ce942c-93f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZgwKdn6qCkYYqEo9%2F0sJJEQKHhy3qvGj4lI7qULi8t4G8eNOB%2FPtW%2F9QUJ8zy%2FLr8Xy%2BOhtJGsLICYxGltJ5RhjGFDULrTRyDXS179LSvEJ%2FpPETRmbl7u%2F%2FI%2FfPSBLBYF3V9nl%2FkigPpDM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 09:50:15 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d5807bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
share.png
telegrafi.com/wp-content/themes/telegrafi/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/img/share.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535991739367153716bba43fc9ace50550573538a9fe076ca7921172b2ae346e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1706
pragma
public
last-modified
Tue, 13 Aug 2019 13:39:01 GMT
server
cloudflare
etag
"5d52bd75-6aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjwqueieAwemA3KYD5tmE8s%2Fh09gyKLU9Uv7Bp4w%2BpSFqjHqOSJu1jwC%2BNepJ0%2BKHV0UqK3TQ7AIGj02JsV5fH1b3EssAjR2CAMWzfE6nkTN3iqFBYw1nLi9hCP90lFYZFP%2Bavd6t5JXjVbW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31556952, public
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d5809bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Oct 2022 21:26:47 GMT
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?mid=621729&rnd=native1
  • https://adx.adform.net/adx/?CC=1&mid=621729&rnd=native1
809 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&mid=621729&rnd=native1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c4f53b889d96ccdbc8172b62e68a26038862f667649f3d3fd7b4486f8bb0dfc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:23 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&mid=621729&rnd=native1
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Shinzo-150x150.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/Shinzo-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a98d21f5e81883d8cff9c8568c640c7fd32c44a7046f52fea5d5c2bb9746

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7208
pragma
public
last-modified
Wed, 13 Jul 2022 09:07:06 GMT
server
cloudflare
etag
"62ce8b3a-1c28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blYCc3VFiyy0X4znzUFuqoQVrDSFi9ybc9%2FE%2FdDG17SEoX0cSMjFplfxHqhufhjbF3kw2QeyTFMwpuRuP8rEe6kB2BAFP6KLwIAHLfUKSqVDLfXVWz3mcytQPiYbpaVCvt7sC6fg7aWG2A%2B9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 09:07:07 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d580bbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Artan-Fuga-e1547820765238-150x150.jpg
telegrafi.com/wp-content/uploads/2019/01/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/01/Artan-Fuga-e1547820765238-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951ceeada7b03e2249ccab410fff2564e994c2421b9e053b11980c7c533de591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265064
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4369
pragma
public
last-modified
Fri, 18 Jan 2019 14:12:45 GMT
server
cloudflare
etag
"5c41dedd-1111"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goZDEJXlArUGalksXFyUVtQZil1pvfegHbTCJJACbusV80Cm5GkyQSIqOzglyvpwXmc5Fe13LjRaPodv9%2FZ2ww2qMhjhjQgB9IfA3pqW0vak39EngWMPnS9NFkX8bYudjaMJ%2Fh5F2nu%2Bmg%2F9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 10 Jul 2023 09:10:02 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d580cbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
opinion-150x150.jpeg
telegrafi.com/wp-content/uploads/2018/11/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2018/11/opinion-150x150.jpeg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66ce23b6c495164250bbd0e529c97ec49d04143f325310ea9323e74453687f86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
562341
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4335
pragma
public
last-modified
Thu, 15 Nov 2018 10:39:36 GMT
server
cloudflare
etag
"5bed4ce8-10ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RbTAFcxQnERtmAnFIqIE9E6m1Ru5ChtoBXZGKr3oBIOmW7fTSvwIh1Nv5xuzGSc0SR86Zrj7sLpRctGU0dw2zXIxveAhrXw0419KlXdPk6Yd73rqqBPJSkA2n4%2B8t7Fhf0pTR9LqNnHl470"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 06 Jul 2023 22:26:05 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d580fbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Elona-Caslli-e1624363079356-150x150.jpg
telegrafi.com/wp-content/uploads/2021/06/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2021/06/Elona-Caslli-e1624363079356-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872fb6276caabbaa283518d8cc439ead7aac9420e8163d933e66f5bfc615745f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168026
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6496
pragma
public
last-modified
Tue, 22 Jun 2021 11:57:59 GMT
server
cloudflare
etag
"60d1d047-1960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2StYfhQp1cl9t4XEMSIkjVEYWnwSGRVP2DdLR99K63Lxa7oYdYrsYJJY%2BDyfqXGHncPhE1ORLD3Fug2JmQA2VudaDsTXMaFLJ%2FyNu%2BNftbyzCxjTiL95kFLiBQJWCgizsgkKWuLZ2%2Bjn%2B6yb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 11 Jul 2023 12:06:51 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d5812bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Dren-Gerguri-e1608456419656-150x150.jpg
telegrafi.com/wp-content/uploads/2020/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2020/12/Dren-Gerguri-e1608456419656-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
372cf6345a8ee5bc7e305fdc44c5ac7e484c1395580a2a9916d3784dc3eb5d97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185590
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4063
pragma
public
last-modified
Sun, 20 Dec 2020 09:26:59 GMT
server
cloudflare
etag
"5fdf18e3-fdf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GY7jcdp1pwbRJlN%2F0Cm21GsuRrop%2FDGXrRtyqXcdiiGZ%2FNkK9%2Bb82btY94Gm5jrLYpx1tFYVCnF8GRSsgJe0SdBsqKtL1e0ovOtVjipqiSWFpfv0HDHsVmUDQ0gmNtZLvpgu4%2F2jzpnq9jO6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 11 Jul 2023 07:13:55 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d5813bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
289820713_773567444008303_9127483626069540854_n-150x150.png
telegrafi.com/wp-content/uploads/2022/06/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/06/289820713_773567444008303_9127483626069540854_n-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1159c7004b5f1c260a0ee167fde25c69f996b8ae7849b953b216d9b78479a6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1522067
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45146
pragma
public
last-modified
Sat, 25 Jun 2022 19:47:06 GMT
server
cloudflare
etag
"62b7663a-b05a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEodS4o%2BxGsrvi%2Fe7qfFBSjJBV2PePQuRIdvbrzrP60YQIc4F1K6LqbipQBBp4SdSnR0BUlawGnkLWMMEEVOJTiIEgRFrcNVWVvU%2BMAqd2Y4i5EDqLIZ1AoSp%2B1M%2BBClrdYPSpGwQlzgd05Y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d5816bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 25 Jun 2023 19:47:09 GMT
278942577_1126616738185455_4685092438968270514_n-150x150.png
telegrafi.com/wp-content/uploads/2022/04/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/04/278942577_1126616738185455_4685092438968270514_n-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
563c7a9f3505a29556cb5d373d27b9d15a5390441434a10fceed3399738435fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6658052
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44492
pragma
public
last-modified
Wed, 27 Apr 2022 09:05:02 GMT
server
cloudflare
etag
"6269073e-adcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePBDF47kL1z0WU72L7LP2U1R4SBsxgS6mqbI7k8ZBFZuXLh5kOWJvqQT70WyBICGGuE0jauoihQJiS0iq0YrOwqxXo765ofR%2Bfbas4m5IFYxqGGDt0soZdVi%2FhQahDE6by9q5Gw6T1aCzOCd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d5818bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 27 Apr 2023 09:05:06 GMT
278448037_328287129293132_8834778229461338549_n-150x150.png
telegrafi.com/wp-content/uploads/2022/04/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/04/278448037_328287129293132_8834778229461338549_n-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709f1d5d7779c30e0286b48d7d3720ecb62ca548971e1bd8dc5e6ba7a3620636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7513274
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46780
pragma
public
last-modified
Sun, 17 Apr 2022 11:38:55 GMT
server
cloudflare
etag
"625bfc4f-b6bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROh9ZfWQOOMLgFH%2F8fa%2F5HOiokJ6rFfyBQOzk9l0rGwNdZiIWJEHQRgbLGUU4F%2BvZmmf1HqESpGn6Vmj0MREX6XHOX7Kt%2FA6IrGDJvehed2%2F2Hv%2FE08aXVlSta8Kwtxzn7Qsv%2F60JLd8KtzU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d581cbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 17 Apr 2023 11:38:59 GMT
fatos-xhafolli-150x150.jpg
telegrafi.com/wp-content/uploads/2022/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/04/fatos-xhafolli-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bbe12f07e2a377919a4aecf542a8af006b6f7c5be189a15f75a9ed6062a14f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1729942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6997
pragma
public
last-modified
Wed, 13 Apr 2022 19:30:41 GMT
server
cloudflare
etag
"625724e1-1b55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld6K4sQvwTMHz3QyMCBRW1WSzmHZ0E0z5qYvgUAQXlOKF%2FYPhhQsJFKv6wFzgGTLL%2F6WHf4fFLbfLdS43dN%2FmWt60MJyg8%2FmOAtjn3Ai4EjpN6w2a39QL5N04i1pgMISsTdtEo6jQFkai8%2FY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 23 Jun 2023 10:16:01 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6857bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Ingret-150x150.png
telegrafi.com/wp-content/uploads/2022/04/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/04/Ingret-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3fdbc2baecc353524e3ad20f5ea635bcbef05fa2b6fe1d79762bc1974d450f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8720890
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49640
pragma
public
last-modified
Sun, 03 Apr 2022 12:20:09 GMT
server
cloudflare
etag
"624990f9-c1e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98Bjlp9f1A4PCENBzJk5kTO540%2F0EMskbwpdklidNyPukq87Db50K5tc7NUxP5LPMqrwVD687c2SHrxneN8eicDCslzjhEoYbuabwIRKvTI73eLL290ZfgXLiaoxUuEpfo1oaAtM%2FCI1ipvz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6859bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 03 Apr 2023 12:20:13 GMT
adx.js
s1.adform.net/banners/scripts/ 		58 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
199fb21b3ebc707aa9045279d3f380910ebe9194b8f4afc54d85ba28e1ee715e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 08:28:54 GMT
server
nginx
x-amz-request-id
tx00000000000004073c6b1-0062ce9f42-323350c8-default
etag
W/"c3a9d4f9b6981f579551b9a46e32d64a"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
1-123-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/1-123-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284e2caf9a7bf81759b1c6bbafe4f8b64ac8e611a94e8380f0442ce2c0fdc8cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6904
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19669
pragma
public
last-modified
Wed, 13 Jul 2022 08:52:52 GMT
server
cloudflare
etag
"62ce87e4-4cd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2bZDsPOdYaBTOJ80mpIGZjGPKGcz5lpBbrlc9xebQ8XFNrikQ86CvjtZWlyAuNdQ9VKK52tWAOn0hEL9MYvqILNh0JoVkghNUoj4jweZalAF%2FKVv6jx%2BStr8i3IV6uN5stlLvAQL3SH6LM24"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 08:53:15 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d685abb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
1-119-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/1-119-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
579607db349d8d62676b9b7dc2e3e9485e91b71762fdee5d01de6ed5970684e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14871
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31538
pragma
public
last-modified
Wed, 13 Jul 2022 06:40:07 GMT
server
cloudflare
etag
"62ce68c7-7b32"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd3YShZxaAKXKyy5Lj%2BL2dWHPyHbbwFcR%2FjNrFbO%2BfHK5jjiYpS%2F5oUy2WYYOD04XjMj6qglVYRanB4rXTJCzeLAF08s%2FkWzORsGepZGcV65p0ptxdjpddJPenmcbeB6D7H3i6alKPn5Szpt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 06:40:30 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d685bbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
2-28-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/2-28-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57d4e0be0b3268f3ea6a54fd67e8a9391395b70e0dc1ae675193e65e6a009a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51042
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11272
pragma
public
last-modified
Tue, 12 Jul 2022 20:34:47 GMT
server
cloudflare
etag
"62cddae7-2c08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQKFzV%2FreHdQzCJJ7aATdZFKNcKZubdcSCsyGJc%2FmEJbcxIS11kAeMDpoLgqQTvGHTpPj4EKEx57vNp%2B1XHIpODJjkERYTThDWc6bJz8swrKyEOsN8l8KRCTwnkEeTi%2F3D66cB2y6lVY1jFH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 20:37:41 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d685dbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
1-102-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/1-102-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfafea91f493eca20037c1de5a71ca243081d3d720d569a9abae2458ca0cf1cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71837
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14013
pragma
public
last-modified
Tue, 12 Jul 2022 14:50:13 GMT
server
cloudflare
etag
"62cd8a25-36bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGsMfaKbPmpNw7kCERWOsyNgl35VHiZRmrha4Yu4HO97oZYffhuWx7pyE32Vc%2FJ39znEsa2QIj1wzEDjHMIkEUb6d7GuGbiGGM3sgm1NAMSdzDlmii2bMqIggyzy1w%2FcCPKDeW9fGPCn0qXN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 14:51:04 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d685fbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
ccc-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/ccc-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a0c0c9a82cb09d51fcba33f758195b55fd1f5637d673d63739ba66c355f6e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77279
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15047
pragma
public
last-modified
Tue, 12 Jul 2022 12:58:52 GMT
server
cloudflare
etag
"62cd700c-3ac7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3mRYk9j2BEZdO0jYoy7EooPKNh0MVKCWE%2Bhp3VD5khn043%2BH2S%2Fqi1BG92Lb6fVjzbofMiamyINJ5CF%2B8im9YmY5NkrNb1Jz4yOc1qPuvD8JOhfQ2zZWAv%2FipbMPRsgph9F6RiAwUDaXA0G"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 13:20:22 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6860bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
61239490_403-e1657622782552-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/61239490_403-e1657622782552-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae7c4ebd512de69c70ed18d1e99454171546fa7d6c8d3a16b1cee5c31098f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32983
pragma
public
last-modified
Tue, 12 Jul 2022 10:46:22 GMT
server
cloudflare
etag
"62cd50fe-80d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNRdcGOLfgIIEvgandpAmVVUtDFeNjRROHo7viy7WQnUwyIc0uS%2FLlVHQHkuGs2HZownwC8hvvAOC9EPI%2BBg%2FRoKsvv3SizUzm%2FbKZIxOLBVLtaPL5N%2FoqAAePMUuj3XFPlz9mIdLFy8wVYX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 11:13:34 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6861bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Screenshot_3-27-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/Screenshot_3-27-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f214d9a0777b80deaaa0c058960f74c1e9a9bcc19a386d816e69c0b9b4e3477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90455
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18665
pragma
public
last-modified
Tue, 12 Jul 2022 09:39:41 GMT
server
cloudflare
etag
"62cd415d-48e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CL3VIi79uwYx0veGLP00euIfrNGZFPbHWJSq%2F7a2RWqoOJoLO4I4WWMBwdyHY%2FvpWrfQr9x7BgWGKTKcJPXZf4uskrf6OkxNyLWZvqb2F9JAgcpCyydbb1QU4uCdi%2BbuKE67%2FmXor2tTXcKV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 09:40:44 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6862bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
62436443_303-e1657617976725-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/62436443_303-e1657617976725-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f6d03b79037c7fc9840607c6cfa94a25e2aa70f6e67eecfc7e1f992343f997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91311
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18686
pragma
public
last-modified
Tue, 12 Jul 2022 09:26:16 GMT
server
cloudflare
etag
"62cd3e38-48fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI0XXybLBLgDHBdUGjXzAky0rXXaMz2%2Bzc97GRyKiDBcBLttd1GRQFxLXjJX%2FHCSoLLz7zSHZeCtEZDPjEFyrBxE3fAxe1SVHPEVQ3Za43K0oJ0SX5kpk0MavhJagbyxkooOpr8OCWmDRUGI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 09:26:26 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6865bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
telegrafi-deals-blue.svg
telegrafi.com/wp-content/themes/telegrafi/img/ 		39 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/img/telegrafi-deals-blue.svg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02fdcd2250a4da291e9f6eccefd36b64864ae8d27969225baa44199d8a520e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Wed, 04 Aug 2021 09:14:30 GMT
server
cloudflare
etag
W/"610a5a76-9a16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syxuxIIfYbbDT3NOH9c492OsE1F3yZHCNraqRd65szTdaxcTz8oMWHLhdI%2F1YeRLDu9MlbtHUL1%2B5QBp3E6ydkFpKGbFGgge5rLhRnzRSQztkW3h9wJbTtZMQ3LYTNYlLnq62RcMrZQgxaF7"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
access-control-allow-credentials
true
cf-ray
72a1722d6867bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 09 Nov 2022 13:46:33 GMT
292695271_443529474300989_5783587186111328956_n-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/292695271_443529474300989_5783587186111328956_n-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7380b707ab23e6c6621b1ac5ceb56524da792844a4971ddbd083f159ab83baea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7084
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12289
pragma
public
last-modified
Wed, 13 Jul 2022 08:44:57 GMT
server
cloudflare
etag
"62ce8609-3001"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwRRSaXFOt%2Bhm3JT5O8vARJtl2w1VwICRrLzBVnmoxWMzvb93q8ACuUtDaUQNDL062%2FF%2BM%2BvvID6A9gSvffQQAt3KiubGKIzWFNtaCRD5bRLdQeay4bcO10erEHI1VNf4QVoMtpMkpv3Iws2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 08:49:48 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6868bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
360_F_331690404_6YDVT02y9YlelzI7jdPGVKflw4lDqhKm-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/360_F_331690404_6YDVT02y9YlelzI7jdPGVKflw4lDqhKm-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8a3b98b45453c428c771a55165a2af9bf30399c7fa4b98ac7d8c8719533fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12102
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7632
pragma
public
last-modified
Wed, 13 Jul 2022 07:20:18 GMT
server
cloudflare
etag
"62ce7232-1dd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i54kHKDXTtxR%2Bf6A9ccuzaspnWCvT5tfNV1tGdWubGxPh1o8CG%2BzOvQRft26rsDoIoUkYRXndVDkPnoi9eCUPbE%2Fte1xUouFbj30BtiRipSo7MSBSVnGbQ7jYdhVwpTiMnkjLnN%2FdXaWKN40"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 07:26:38 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d686abb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
762f7480-9b3b-11ec-af5d-9d314eed0cf6-hask-shine-hair-oils-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/762f7480-9b3b-11ec-af5d-9d314eed0cf6-hask-shine-hair-oils-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56b12daaacd20016e117bea984f6fbf3f0791d9148407cdbd403ebf1be6a821d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77878
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27356
pragma
public
last-modified
Tue, 12 Jul 2022 12:53:33 GMT
server
cloudflare
etag
"62cd6ecd-6adc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebeGs%2FJrlPn92L8IlgNGAUBg1coidkpwQiBZyq2oHnF3DCeZSgocowX9V37ZEt0CLGid5oHk4bxoF61krD0eDpz%2Bopn2XEIgvlV%2Fz%2Fh1TgZPKuiklCcoVrPov%2FY2R40mNeo4miwecVggyshl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 13:10:24 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d686bbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
293031850_763675868115341_1635462871605383217_n-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/293031850_763675868115341_1635462871605383217_n-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13a4ae6a1e30d3fa78651c1b2870fe09ebb2a8257272b117b70ca645e032531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79170
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19642
pragma
public
last-modified
Tue, 12 Jul 2022 12:48:06 GMT
server
cloudflare
etag
"62cd6d86-4cba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhbIA0dAzTWUrxwposZFmIAmn6pQmseEoEGAx9IW34BMmnv1PjXGnD%2B7UYXK8duvaRWOGP6ycjA1aXLX8f0a33M23eobtw6qe9wRWz3f5cwbfkL0huVQbM72hllm3dSgfu7vIcyHsYkH6B4V"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 12:48:53 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d686dbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Neutrogena-Soothing-Clear-Campaign-26-of-41-1024x683-1-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/Neutrogena-Soothing-Clear-Campaign-26-of-41-1024x683-1-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
757611612659d3e1dcaca555c53c6cbf17f682d08e2b25e19679d8215d3754a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18420
pragma
public
last-modified
Tue, 12 Jul 2022 12:00:20 GMT
server
cloudflare
etag
"62cd6254-47f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUSEGGBQoPvExUNoJQgDUni5Yw4%2Bzx7tWJje52tBDwWunPLRdZH%2BxwZkE1CMSizUednNuzPRm0FZP%2FI%2FLscHQRitrYBWdgDgSCsokJldTR9f4hJv5cnMpHbjmNatoPUIfsQcbNqhTdYxS5hu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 12:07:26 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6870bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
istockphoto-1131702061-170667a-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/istockphoto-1131702061-170667a-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08a419097a34d430f2196d91303f50dde25ca85c21af4a34b17df245d5c97381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
422321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19410
pragma
public
last-modified
Fri, 08 Jul 2022 13:24:54 GMT
server
cloudflare
etag
"62c83026-4bd2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLB9t4RdFfZehWD5vwHdQAzy6%2FUAM2GoJ5h1xS4a9UTixqkxkWf365of9I%2BrjLzmNLL%2FWnqHewPZM%2FtcLC0v3S1yFAN1xLdeNm1BoLu%2BsvDLoLmsa58qdG9s4ZXusNUGIjSP0owE%2FXTwSGIZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 08 Jul 2023 13:29:23 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6871bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
GettyImages-1281597356-MLedit-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/GettyImages-1281597356-MLedit-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da93a943774fde37c709eba1c21fdd4eeaf72b69e50df7da0e28a0ae1f54917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
427899
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17852
pragma
public
last-modified
Fri, 08 Jul 2022 11:46:03 GMT
server
cloudflare
etag
"62c818fb-45bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkwyIPpOEJ2yf405skrmKgHMsuAvpiAgYc%2Bk5UIgwDdrTa%2BBXHhMeBbpuopipMlyO8yt4tzBNvsq%2FO8aiYLw1FP93UNWOvWfrGFwwqtsAojUccrIHC10qxksoeBjXh34oCSY8IeBwsCzmDhR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 08 Jul 2023 11:56:44 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6873bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
20-1-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/20-1-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b3643d244689aaa5666a06ad6bbf0f9d8bf68f3d84af730b782a499363867fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
429526
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21522
pragma
public
last-modified
Fri, 08 Jul 2022 09:46:06 GMT
server
cloudflare
etag
"62c7fcde-5412"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfBWJozNXPJbjzzEy4lzG9cCjsq2g5b2rr%2BJiQSFnXZUnmW3nX6z4VG3Hly256yI58hClbIpP5EQQDOP2Q1GACfYUKZ%2BteLkGVZfufqrJt2hnkNJuNOhlaXNhcq4k%2FZ%2B59A6d%2BZVSTCEd8nJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 08 Jul 2023 11:29:34 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6874bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
logo-telegrafi-footer.png
telegrafi.com/wp-content/themes/telegrafi/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/img/logo-telegrafi-footer.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23215c2c28bbe8e3ea1982d6dddbe2580fd33e82d2c98f2e202b370a46cb0d91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1265
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
"5a8039ec-4f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjOlEkTBaEA86IsmYEeJZjGOuXzjNd8xojJezfrAoNpTt%2FjKmylfGva9a9QsjnQUu1zSZKTUTuQ9Rc4RQZKLNEBK7%2B3Rd%2Bznlc%2BkxQ4TIOFVOqQXha2U3Lw%2Fyj7AzfmyrrrQDuqH0RKIeYuu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31556952, public
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6875bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Oct 2022 21:26:47 GMT
dukagjini-new-logo.png
telegrafi.com/wp-content/uploads/2016/04/ 		580 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2016/04/dukagjini-new-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7962210b6e797e08c011395cf88eeff6c058253b4242b8c5256869f778597e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14613574
cf-polished
origSize=876, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
580
pragma
public
last-modified
Fri, 29 Apr 2016 11:10:22 GMT
server
cloudflare
etag
"5723411e-36c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCp4R4HFXnc7ymcPF1Idb1diILcc4NPOo3NiX27d93o8rIyNkObwijmDB5tafAdqOtU%2FFCJeLFna6SwzkrUjfG1SZ3jyJezla%2Ft1Zky1Kgst%2FLcQWFk6Fi9yk0mu6rZFqO07a1%2FacoL%2BNE0e"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Wed, 25 Jan 2023 07:28:49 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6876bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
deutsche-welle-logo.png
telegrafi.com/wp-content/uploads/2019/12/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/12/deutsche-welle-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582abc8129fdb3c0b62923088fe34ec00d2ee66870ea16303615013d4a28901b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735519
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3525
pragma
public
last-modified
Wed, 04 Dec 2019 13:54:53 GMT
server
cloudflare
etag
"5de7baad-dc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEmijq%2B412ozn%2BiSss3aPy2k4f9OqHqrHOW61XoZQrDRCL5%2BHyLOb6N%2BV6MXCSDbHeEaLRXQr7rg2%2F2xC9tzsMz%2BpTXbsesqfGmoqqUBIrMgRVn15bXV33ITZTk2trLBR7RryrXrxIbCzp%2B5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6877bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 23 Jun 2023 08:35:13 GMT
shkabaj-logo.png
telegrafi.com/wp-content/uploads/2016/04/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2016/04/shkabaj-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7844cfb29c5da5aaf907a24611ae207eeee959eadeb087ce5d01713a4267cd2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14613574
cf-polished
origSize=3647, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2352
pragma
public
last-modified
Fri, 29 Apr 2016 11:10:23 GMT
server
cloudflare
etag
"5723411f-e3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpUgfnbYVa84xGr7y8wd%2FiuPYCZKzzv1MBeuzbw%2BRZqYk0ya4DGNZFKqR7oglowSisi3n8CA1qwyG4Og%2BnVO167NEGj%2BKth%2B9UCJVnpBVBBQqgmqDDFQ8UnaEKZ54Hf7YbcZf%2BDFxmb5iXpg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Wed, 25 Jan 2023 07:28:49 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d6878bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
toske_geg.png
telegrafi.com/wp-content/uploads/2020/09/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2020/09/toske_geg.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41854f41fe85020edc0377130d956283c0c533e9996e3a7e3aa7e909f93dc954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14613574
cf-polished
origSize=1463, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
933
pragma
public
last-modified
Mon, 28 Sep 2020 08:00:56 GMT
server
cloudflare
etag
"5f719838-5b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twDJY72V2yRZxcv9CtmGySWqFfzA3yvzkry%2F%2FnTJzOAyt9sBLHB39Sou6xs22SihOwTUhW2CiARiD%2FBfoFtEW7BqDQJqIVDn7SrROtbB1FMcIrCnBM9VA0aci3s60Lxd%2FrUfrT1bvESCtK8G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Wed, 25 Jan 2023 07:28:49 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d687cbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
font-awesome.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0957311c8318f0d2498805c7bccc65cd0c86c643e12ed83031452e5f91152e4a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Nov 2021 09:36:29 GMT
server
cloudflare
etag
W/"618b929d-6dc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrmAh4gypPjUXv4%2FE40Rab6Ma6o6WEK9aG0uc2sZBv5vD0H1L1e2axQPQhYun5ckMIe5dLq%2BCgWJB7B3lpMhBDe8Gzb%2FPdA38htjPvlMCe3bN%2BXkMOmh9oPNBc5j9AD0si2ERBlukNU8Jhwe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722d4fe0bb80-FRA
expires
Thu, 10 Nov 2022 09:36:34 GMT
clipboard.min.js
telegrafi.com/wp-includes/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/js/clipboard.min.js?ver=5.8
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 25 Jul 2021 08:39:43 GMT
server
cloudflare
etag
W/"60fd234f-296f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxOjoFEdB%2B48JmxNSK8YpHPjNw%2BlrzRLCUrkpwZXGhltDiBKZVTXtI%2FcA39cTdTE4rnl8o8pmSTgotr7ajP%2F5278oOl8ohYPRIXOGSbp2G1RncPD2XwUo4VlDZmHiba5xOZUDDva2Op8uZzo"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722d4fe7bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
main.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11364d0061c53e3b2f6c0ce2fa70d7961f0d06fe5939d3aadb4e8467fac1a980
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 10 Apr 2022 10:10:07 GMT
server
cloudflare
etag
W/"6252acff-bf76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGBvoyz%2BB%2BhmxL6KwL0Op4a8fmleXDAGyT2SRiz9nqIsOfw2YXa3C1fuT1VsaTYcTrDB8Rv17iLfe2KfThAiLQabVjYTd%2BBEgU9TQKG%2B72liZw0ikloSxEtmsIgjoZklusPnJASN6pDz4dub"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722d4febbb80-FRA
expires
Mon, 10 Apr 2023 10:10:14 GMT
jquery.lazyloadxt.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/jquery.lazyloadxt.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14eec7295e73242aff774c5b71962ecf640f4bcda0ce68df52a283c8e970613f
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-98e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYnvR%2FVPAWIDmTXbgJeOhrsf3q97cRZ6P5WJDRAmuW9aL9EeVShwKjgbigFFPxgUHgPdbNSfYh2y4So5GpnxxUqp6fYiBzzjNWEXp3mSEHGUZdXcyMjzZAD3EEtKS6XaR6L6KfoizIFs2V3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722d5ffabb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
general.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/general.min.js?ver=3.01
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7156d8e7be5cbb3506804b16a96f73591ced0d621a6b5f34ca88119d191b8c
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 09 Nov 2021 13:14:42 GMT
server
cloudflare
etag
W/"618a7442-2411"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEnF%2BdHlnea3bv5u8qJqVEXf8Grxkpob8YUKc7hECvxiltN6HlQfWbKwD1UiPAS2LmvdZM7vXUl%2FfO1%2BSberjFSVuuYlf4VbeVlQY%2FXAUl9GPOaJb0spMqwOJJlF7%2Faa9H08YfNqlSes2rlF"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722d5ffdbb80-FRA
expires
Sun, 11 Jun 2023 17:26:11 GMT
wp-embed.min.js
telegrafi.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 27 Apr 2021 11:34:25 GMT
server
cloudflare
etag
W/"6087f6c1-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXBiGplA6Hnmfydd5FNvc80PVxmP8E6HJtcfbt0Px23WAi%2FyuPpCPmNjyIaX7vBstVH7aCErCazZu0E2G2X3ZBRhELVZ6pjxQoFS9wz204DqYn2O5YWjb6TwQl37S3UY51LvxDCiQaWTfOuo"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
72a1722d5800bb80-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
gtm.js
www.googletagmanager.com/ 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6018d33f57979c14424f63e51f4ab5108e9e0abeae912703ebf8312be0ed7334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69591
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Jul 2022 10:48:23 GMT
html5player.js
s1.v-player.net/player/stable/ 		1 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.v-player.net/player/stable/html5player.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
6463627134cc4c1d4a2a6074dbc030929369ce6c318ada0e3f246f3b6f806828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 11:41:16 GMT
Server
nginx
ETag
W/"5f8eccdc-4f5"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 14 Jul 2023 10:48:24 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6736
date
Wed, 13 Jul 2022 08:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 13 Jul 2022 10:56:08 GMT
choice.js
quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1dcafbe9407c301261985c3dfb80d73966d57e2bb5d67de978222cb8765e17d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 16:33:29 GMT
server
AmazonS3
age
14
etag
W/"992ab8620dedf1f62286c67a7661e59a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
SBi9uiH6Q5pxTJ52LPhe_JOtwKI8Fsy6m_Y7lxdbf-zlKRBfq55z8Q==
loader.js
cdn.taboola.com/libtrc/telegrafinetwork-telegrafi/ 		286 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/telegrafinetwork-telegrafi/loader.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
322c6f260c65efe226ff992107dd9f6a23a179ed5860c86e313a9c577fd0b77d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
kd37_OVVO_cDZZpOMrAkWHlaqh6XbvBD
content-encoding
gzip
age
1219
via
1.1 varnish
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
7
content-length
27590
x-amz-id-2
eeQgEG0UtVYtPNqq3QoorI5Ot6RJZ65HwTy1r1S+IJAQUi5ub1+Jil01Ab72+TDbOMNwADiuo3U=
x-served-by
cache-hhn4028-HHN
last-modified
Wed, 13 Jul 2022 10:28:04 UTC
server
nginx
x-timer
S1657709304.051964,VS0,VE1
etag
"26ab18698aa89808eff6e54f258db6a787c8a8b2"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
1YY22591Z5VGMHWQ
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Wed, 13 Jul 2022 10:48:24 GMT
abp
29
x-cache-hits
1
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
789326c627a7fd9462ab7c1476ed7fd69a4a4748be8297b2a2452d3108856db4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Sr0+ij5CY4anq0+nBQg19Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
xbsAacEAnghdLEOBwa683OLTrCiuzK/FZGw1v+O/SNWvSY8fuva2qZAlQr/CZtwNa5/vh/jCL1X7NPWzAsfcFg==
x-fb-trip-id
917726464
x-fb-content-md5
041a9ac3c5f780efeabf1951c522984c
x-frame-options
DENY
date
Wed, 13 Jul 2022 10:48:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e134e664163e1059eafd8e8568454d06"
timing-allow-origin
*
expires
Wed, 13 Jul 2022 10:54:19 GMT
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 11:07:43 GMT
x-content-type-options
nosniff
age
171640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16980
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 11:07:43 GMT
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 20:55:52 GMT
x-content-type-options
nosniff
age
136351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17116
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 20:55:52 GMT
pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:46:57 GMT
x-content-type-options
nosniff
age
165686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17156
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 12:46:57 GMT
tlgicons.ttf
telegrafi.com/wp-content/themes/telegrafi/assets/fonts/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/fonts/tlgicons.ttf?cn8ygj
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/css/styles.min.css?ver=0.4.87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e07140e4eb562b6f19aecb33cab48b3f7cb5ea1bd0ead0fc3e0ce5edf3edd7d

Request headers

Referer
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/styles.min.css?ver=0.4.87
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:23 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3832
pragma
public, public
last-modified
Mon, 07 Jun 2021 12:09:23 GMT
server
cloudflare
etag
"60be0c73-ef8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0g%2BL0YEaUxz9C%2BrtT02FohAwrsDn0SNFdRnvRklHM3VrcqtQ9RJyHuCHMNStUGkG%2BMFud%2BQHZaSXV2z2787r31feUUcImr2WzJqkRK1iDW%2FXDGm%2B%2FfXgklMtqHXkktsGMrlMTxWjOTEtJdqn"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public, max-age=31536000, public
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1722d88e9bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Oct 2022 21:26:50 GMT
projectagora.min.js
aghtag.tech/libs/ 		279 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: pahtuo.tech
URL: https://pahtuo.tech/c/telegrafi.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ba2c6b79b0dc71071075e9a023422bc6efbeb962680ecbaf1f7ddd0efb8387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6510
cf-ray
72a1722e7dcd5c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83860
x-amz-id-2
2u9O0td5rO6fOl1B7/0mkkEC+nKinLrAWzUP8Cb7cTlhFJYuAA/6FcVQZ/U5gT62IWOx4v1Mfaw=
last-modified
Fri, 01 Jul 2022 16:57:26 GMT
server
cloudflare
etag
"1762e8c5179a90e92551df1ffc15e789"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvX%2BvAt2iJ3mlqchzXdMuMC3uPoeaylYq1DMdqce0fY%2BntFRhOWxhnCe8TL3%2BcRTLEtqLRrdzUs4vyOQwReftn49P3IZwxArLq1hkrvZ%2FR0M4n9aCy3Kb8KpfR6%2B65ZQOz3TmtOTxGQ7xw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
9VC6PT70Z87EJ26M
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
tag-manager.runtime.js
cdn.admixer.net/analytics/ 		1 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.runtime.js
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3f47780ac6a0cd5da2d08e3d14d6c5fd05cb359a527f056bdf3a627dd814bfb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 13:21:02 GMT
server
nginx
etag
W/"6074493e-515"
vary
Accept-Encoding
x-cached-since
2022-07-07T09:50:42+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
expires
Sat, 08 Jul 2023 09:50:42 GMT
tag-manager.js
cdn.admixer.net/analytics/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
044316373e018c29ee8a1138fdaac42494514f8f7da4e89da024de6d568a50f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 13:21:02 GMT
server
nginx
etag
W/"6074493e-6e96"
vary
Accept-Encoding
x-cached-since
2022-07-07T09:50:42+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
expires
Sat, 08 Jul 2023 09:50:42 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame A9C1 		738 B
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 13 Jul 2022 10:48:24 GMT
etag
W/"62824272-2e2"
expires
Fri, 07 Jul 2023 08:26:19 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-07-06T08:26:19+00:00
x-id
fr5-up-gc29
a21031c0f6a0994b3314.b.js
scripts.futureads.io/scripts3/46506/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-07-11T09:37:39+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Wed, 12 Jul 2023 09:37:39 GMT
0a75d04ce9f53a1a35b6.b.js
scripts.futureads.io/scripts3/46506/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-07-11T09:37:39+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Wed, 12 Jul 2023 09:37:39 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42744:uniques_instantly[url:%2F,domain:telegrafi.com,page:Lajmet%20e%20fundit%20-%20Telegrafi,page_type:main,language:sq,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36,device:desktop,browser_version:Chrome%20103,browser:Chrome,depth:1,user_type:new,user_id:502fbeab2.0717eeee7_1657709304054,session_id:21854aed7.8887995c2_1657709304054,cdn_version:16]&s=32beca58aa16265a6b5b96b238fd99e0&1657709304060
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.111.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42744:visits_instantly[url:%2F,domain:telegrafi.com,page:Lajmet%20e%20fundit%20-%20Telegrafi,page_type:main,language:sq,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36,device:desktop,browser_version:Chrome%20103,browser:Chrome,depth:1,user_type:new,user_id:502fbeab2.0717eeee7_1657709304054,session_id:21854aed7.8887995c2_1657709304054,cdn_version:16]&s=32beca58aa16265a6b5b96b238fd99e0&__io=502fbeab2.0717eeee7_1657709304054&1657709304066
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.111.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42744:pageviews[url:%2F,domain:telegrafi.com,page:Lajmet%20e%20fundit%20-%20Telegrafi,page_type:main,language:sq,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36,device:desktop,browser_version:Chrome%20103,browser:Chrome,depth:1,user_type:new,user_id:502fbeab2.0717eeee7_1657709304054,session_id:21854aed7.8887995c2_1657709304054,cdn_version:16]&s=32beca58aa16265a6b5b96b238fd99e0&1657709304069
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.111.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
ht.json
tt.onthe.io/DqfniW44qMqs/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/DqfniW44qMqs/ht.json
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.111.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
0a180e57c8c3e68dca64c124c13a119bf547aa1f516d6eb16a8c224469de07b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 10:48:22 GMT
Server
nginx
ETag
W/"62cea2f6-b1c"
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pubads_impl_2022070701.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:30:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130611
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 08:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jul 2023 10:30:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		343 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=telegrafi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
825c697cc8f4ae49d1e726e43453c0edd8097a0c774a62ef6c1883923946ba6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166
x-xss-protection
0
expires
Wed, 13 Jul 2022 10:48:24 GMT
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
etag
"Sy8yk7L2ihxjBP+YyKUKJg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 20 Jul 2022 10:48:24 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:00 GMT
content-encoding
br
age
26
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Tue, 05 Jul 2022 18:41:01 GMT
server
AmazonS3
etag
W/"9494b70738cd74c9137e65c29c0b1f3e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
kQzTt9fCIgEJB3ZU29-XTZVxSo5PM0eqAHi-nXOJSVJvXV6xrx8sLA==
impl.20220713-8-RELEASE.js
cdn.taboola.com/libtrc/ 		676 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220713-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/telegrafinetwork-telegrafi/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6ee018ce0172fc5e60438c1a4f76dfac59dcd7a81fe35620b2de8218cd2f7f00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
O4pNLwW1VObUuclsWEdgE9p.33GBd3yL
content-encoding
br
etag
"01d2b69104796325d89da4b9ed28ef89"
age
3879
x-cache
HIT
content-length
142661
x-amz-id-2
uCWtKXMswKgtjfSJLkgKxwG19zLu/XbHKn/u/FHbGBh7em8wAihhrjfzBYYI1Z3oLnNI1/JBfE4=
x-served-by
cache-hhn4028-HHN
last-modified
Wed, 13 Jul 2022 09:42:54 GMT
server
AmazonS3-br
x-timer
S1657709304.188873,VS0,VE0
date
Wed, 13 Jul 2022 10:48:24 GMT
vary
Accept-Encoding
x-amz-request-id
JY6CMP3PSWV8WPAG
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
33
x-cache-hits
1825
cntcm.aspx
ads.futureads.io/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=37b02d0f-9790-42e2-90ce-49172bc138a4&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&pv=1&referrer=&page=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://telegrafi.com
Date
Wed, 13 Jul 2022 10:48:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
dmpapxl.aspx
ads.futureads.io/ 		43 B
462 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpapxl.aspx?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2F&referrer=&page=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Cache-Control
no-store
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=fc14989e48ad93792332a028408a4f63
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a87427ac209e07ae49c05fd46a04f9eed7a0b8c9d5b8c85bb7700d72640e840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://telegrafi.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
j4mxnbgZHvus2NUcde2O6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87448
x-fb-rlafr
0
x-fb-debug
PV9BcP4G/Z3cHUJ7kz95V09YyqMixjoHD/IBO7IQtpQ/QQGDW4ndhpM6Ck9Q27qwfblL6HZ8KLOV3brU+mKHFQ==
x-fb-content-md5
b43f8e7c371913d0e01293df236f6037
x-frame-options
DENY
date
Wed, 13 Jul 2022 10:48:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"0d4b1e3eb24c06bf557cc8e5daf15024"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 13 Jul 2023 09:39:37 GMT
js
www.google-analytics.com/gtm/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MTCHQ67&cid=2040249995.1657709304
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
728d64fbf44839e154fbe8bec7d40773452e3d07c0fa1a0502b3f707aba80b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39555
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Jul 2022 10:48:24 GMT
collect
region1.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VLYQGEH6F0&gtm=2oe7b0&_p=645143256&_z=ccd.v9B&cid=2040249995.1657709304&ul=en-us&sr=1600x1200&_s=1&sid=1657709304&sct=1&seg=0&dl=https%3A%2F%2Ftelegrafi.com%2F&dt=Lajmet%20e%20fundit%20-%20Telegrafi&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VLYQGEH6F0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2cc096b6c033c55a963e040106ca8d1b26bb0370eb3044bda1a86fe80d912040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70457
x-xss-protection
0
expires
Wed, 13 Jul 2022 10:48:24 GMT
web-vitals.iife.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1735990
fly-request-id
01G67V65GF6PRHKWAWCR4HNMMV-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
72a172306bbe9042-FRA

Redirect headers

date
Wed, 13 Jul 2022 10:48:24 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G7VJJFC95XPK4NXBYCVQ2W9T-fra
server
cloudflare
age
220
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
72a1722feb009042-FRA
access-control-allow-origin
*
dmpcnt.js
ads.futureads.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpcnt.js?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
19c18de6057fc7ffd54c5692ff29eb8ff65b4714f5852e9a94d844c3f752f061

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Cache-Control
no-store
Connection
keep-alive
Content-Type
application/javascript
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
213794966
fundingchoicesmessages.google.com/i/ 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac671921bb587a1c659e9ca00beb171ab78bc7534604a39eb0b836484963a3c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-exeZug3yYnRMg4ndE-LfuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-exeZug3yYnRMg4ndE-LfuA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-exeZug3yYnRMg4ndE-LfuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-exeZug3yYnRMg4ndE-LfuA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Wed, 13 Jul 2022 10:48:24 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
es6_452a4b73fdc057ec6747.js
s1.v-player.net/player/stable/ 		916 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.v-player.net/player/stable/es6_452a4b73fdc057ec6747.js
Requested by
Host: s1.v-player.net
URL: https://s1.v-player.net/player/stable/html5player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
9a01cf7070ca19a8f1c9c0539792449682d92dd5e57cf56609bf706364355f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 11:41:13 GMT
Server
nginx
ETag
W/"5f8eccd9-e4f0e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 14 Jul 2023 10:48:24 GMT
/
dmp.adform.net/dmp/profile/ 		35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/dmp/profile/?pid=12068&sg=002
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
date
Wed, 13 Jul 2022 10:48:24 GMT
content-type
image/gif
rules-p-5DC2nemX4YAUu.js
rules.quantcount.com/ 		2 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-5DC2nemX4YAUu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 09:54:20 GMT
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
server
AmazonS3
age
3243
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
content-length
2
x-amz-cf-id
AVlRXPu376jXg-DWeZ0-hn3QPm_04FFe5XGYyJe-beIAICiLcn-HLQ==
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdc3fcd2e52012d8f58f0db58f372c75d38353ee64a0eb6b722239884f689246

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd6e08d5b2f4112a6817f301788849cb7ce7ee3c9d90cfcdf3ae1df11fdfc9d4

Request headers

Accept
application/json, text/plain, */*
Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 03:00:40 GMT
content-encoding
gzip
age
28065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Sun, 03 Jul 2022 19:52:29 GMT
server
AmazonS3
etag
W/"8d4abac577a6a7cf4c78294c617614ed"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
CPJ0zd85OTR2hj4XUOdjuF6bC1Urt7td
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA6-C1
content-type
application/json
x-amz-cf-id
2zNXtkCKyw2X1QwZvTm7XaHewHJTKnxRtjD6pOr4O3nFHjgNJk8Nfw==
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=220167648175857&input_token&origin=1&redirect_uri=https%3A%2F%2Ftelegrafi.com%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=fc14989e48ad93792332a028408a4f63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
mbYmzADFnQfrZs89p+qLFE/EquEFmmFeDNguQFmUnyE1WaMi0j/Ic0J0GfWECjbp8147rVMh8DEvz7RvH3HUhA==
fb-s
unknown
date
Wed, 13 Jul 2022 10:48:24 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://telegrafi.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=220167648175857&ev=fb_page_view&dl=https%3A%2F%2Ftelegrafi.com%2F&rl=&if=false&ts=1657709304402&sw=1600&sh=1200&at=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 13 Jul 2022 10:48:24 GMT
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
072e9850774236e199dadc50f2e72ca2e89d1edc9b955cbafcdf6bdf6959afcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
log.js
u.heatmap.it/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/log.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Jul 2022 11:52:40 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 10:19:04 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"62a07798-6b2b"
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
x-cdn-pop
sbg
accept-ranges
bytes
content-length
10532
x-request-id
178752532
expires
Sat, 09 Jul 2022 12:52:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea1dc07a8462adc1de680c13135b4e0365c1c6bb72ccce3f1899527618af0457
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25940
x-xss-protection
0
pragma
public
x-fb-debug
yn66KWAwExsbqD7mllm0GS17Tv890K5siRRuQ/eaozZ1Uh6g4xddY/WwjJZ9wi0VtW669tj79rx8asIPtLLWaA==
x-frame-options
DENY
date
Wed, 13 Jul 2022 10:48:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
breaking-news.json
telegra.fi/storage/ 		275 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/breaking-news.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
158247d9db7d1660e068afffde76af9d9b79689585551e45a00abae2c5cc9bbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 08 Jul 2022 11:05:44 GMT
server
cloudflare
etag
W/"62c80f88-113"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7Y4EI8iToh0QJsbcXkdsAwXvf%2BSS64GuHkqUY5k%2FQ%2F%2FYRcK%2F00HTaQMBEsI5EkTKlPpqXGU9j7KfeNwuvj44uMDNdCjNtfGGOS4xnOSgNGJNcYx7JkhKZ0A5CdjLmqNz5c7B1lIADAO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a172310fe09265-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
fontawesome-webfont.woff2
telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66624
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
"5a8039ec-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMrEyZLNocQlosu7gk5nTH0lT8pHK0W93zXQ4Ewz68j0Z1HIaFX7hI0RyVt%2BReCYYMQMuV4ab6IGfBba41gRwhVn5GB8f7th25bIP2id5s828lk%2Bu%2F6njhsvRUSmIbyfb%2Bsa4P2f0wpJB2f0"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17232bcc7bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Oct 2022 21:26:49 GMT
all.json
telegra.fi/storage/trending/daily/ 		525 KB
118 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/daily/all.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1558dd08491401e8c243d7a95071d576fe60d044158e6a0066a53a4b37e68e7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 12 Jul 2022 22:02:09 GMT
server
cloudflare
etag
W/"62cdef61-835fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOCjRP%2Fsy%2FXCZRdyEHsuFOxTxU4wplf7nl181lWg%2FeL8R9MK9m%2BndO0QUzhpNzBkh3cermr7P8r3syPraB%2B0zL4HYpjHJwRF35%2BcmkySKvsYbBEkBkLycbm7PZ5MppioExPuIuXtj4ko"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723128149265-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
app.min.js
cdn.webpushr.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.webpushr.com/app.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.101.145.111 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
44ad315912c9335a551e38342e439c1cf8c66a45513ec1b2fcb2133be074b86a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 21:04:02 GMT
server
nginx/1.16.1
etag
W/"62855f42-9ea4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
x-gg-cache-status
HIT
cache-control
max-age=86400
expires
Thu, 14 Jul 2022 10:48:24 GMT
cntdata.aspx
ads.futureads.io/ 		48 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntdata.aspx?query=visitorid&containeroid=b1c6b850-d671-4b42-ad56-9bafbee994c0&referrer=&pageurl=https://telegrafi.com/
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
373b6532bc126002fc997f7cac58e00c53ad55e1d9917dcdc962ede7f7d8fafc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Keep-Alive
timeout=25
X-XSS-Protection
0
dmpapxl.aspx
ads.futureads.io/ 		43 B
462 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpapxl.aspx?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&referrer=&page=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Cache-Control
no-store
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
cntcm.aspx
ads.futureads.io/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=afcfd9e6-c59f-48dc-b141-1a0544c76474&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&pv=1&referrer=&page=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://telegrafi.com
Date
Wed, 13 Jul 2022 10:48:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
cmp2ui-en.js
cmp.quantcast.com/tcfv2/42/ 		230 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:03:18 GMT
content-encoding
gzip
age
24307
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 05 Jul 2022 18:40:26 GMT
server
AmazonS3
etag
W/"24932b3e61742029985961c24d35dbb7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
eFw63GvHnWlU3OM6gJo9AECbBT2Z8xwqrShcXQ5MKJn0GcpkYQoZMQ==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		303 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7f423b225e6202de06913ffd607a71ea622478d518301f145f078adf9051db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 03:00:38 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
28067
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 13 Jul 2022 03:00:32 GMT
server
AmazonS3
etag
W/"b1b054257c462eeda4547160c26b0252"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
erfhXbvzlUjGt5fJyzEB1Dobv-ceFhz1QC6ge0FbRrc_YLCM0aFH5g==
truncated
/ 		52 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5d7077a30dfc7c91cff8cdb8af3b8db14ac790cf886d6127c2b4f63648cfa3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
/
adx.adform.net/adx/ 		629 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTEwODI0NTI&url=https%3A%2F%2Ftelegrafi.com%2F&callback=_adform_cb_1657709304601_44748482119858846
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
536222675f60b0ab23cc24e3fdee65eb828e46eece1a95b95f3180a340c07299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=645143256&t=pageview&_s=1&dl=https%3A%2F%2Ftelegrafi.com%2F&ul=en-us&de=UTF-8&dt=Lajmet%20e%20fundit%20-%20Telegrafi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAAC~&jid=1776104404&gjid=1667878199&cid=2040249995.1657709304&tid=UA-2976507-1&_gid=1734121124.1657709304&_r=1&_slc=1&z=833023305
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
17553556_629896703886022_6850499525375994270_n-380x233.png
telegrafi.com/wp-content/uploads/2022/07/ 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/17553556_629896703886022_6850499525375994270_n-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e57d256f2af5646592276686b5f376b2a8b76c24a73bdda9245724ceb90bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
175654
pragma
public
last-modified
Wed, 13 Jul 2022 08:54:42 GMT
server
cloudflare
etag
"62ce8852-2ae26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfbEcjEKBJtNQYVzoTs2X0TlWSjF8GDf1DGikxis5wGKYUOabDv4f8so3rXF4G3xwEAh6jr88yHD0XoMrNOL2bq7Wh%2F8Y1wIHxcybUNrdMcK4xzrAfp%2BRTghK9%2Fx59FHgqz0kCUJQJeIrLUG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17233e828bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 08:55:27 GMT
keshilli-i-evropes-380x233.jpg
telegrafi.com/wp-content/uploads/2018/01/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2018/01/keshilli-i-evropes-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
778228f5b225aaa035f565a75164b203b553c44589cf73827d57f21dd3a40465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
883
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26736
pragma
public
last-modified
Sun, 11 Feb 2018 17:24:03 GMT
server
cloudflare
etag
"5a807c33-6870"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQuCql5DpyG5eivQ12h9Ktmf6bZWNws695BaHFNYBYWf1K%2BO0BfZh%2Fcs%2BN2oAkns%2B3jC4b6B%2FLEnfC8FAn7I4rJL7GdrrUiTiYrQ9dmXE21SMYYCcjyZ1VAcKzCJri8LKG4cfF%2BVTCnIGlXK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 10:32:57 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17233e82abb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
1.-1-1-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/1.-1-1-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c73039e48544a1a82aa6d25ae9b3381fb2e5c008e7db9df9e8f637f1360f8b2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23122
pragma
public
last-modified
Wed, 13 Jul 2022 10:44:32 GMT
server
cloudflare
etag
"62cea210-5a52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyNezUFojxvQrwzqpn7iVlgDEFXSeoAtRU5qGsMg3fyNYJqmr9u%2BwUt1%2BftV%2FYpqV9FqpKgntHN6X%2BLMvvqfB9QoF6vGasc1TGUhOPffAIXAhIUXJJOKyl%2BHRU7IXzivNbjUFLweECmrzkEO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 10:44:47 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17233e82bbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
thaci-veseli-380x233.jpg
telegrafi.com/wp-content/uploads/2021/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2021/11/thaci-veseli-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ad596629b0775b51e76413761e9537218afe61ca110806d5d644134d7cc18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
108322
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13417
pragma
public
last-modified
Fri, 05 Nov 2021 20:48:31 GMT
server
cloudflare
etag
"6185989f-3469"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5shBqS4CTbm0VC5sPepmW2IRcVMz6KB5ZZwGfJKYZnwQDNYo5IBHoaLMiEK02orHDTDEXqR177wKVtOm5n2fZa%2FCiB4EQLXyT6RycEvltiVgqRJltTfDwlEugYXCm5jxE62tc6aEOFJZe6U"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 04:43:02 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17233e82dbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
IMPRES-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/IMPRES-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20df0d19a2a73656afafb4db8817570968c3f9208cb2be2695531b850692428d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27304
pragma
public
last-modified
Wed, 13 Jul 2022 08:45:32 GMT
server
cloudflare
etag
"62ce862c-6aa8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UivUm1SvhQ348auyThBVT1BTyjfrXSCw6KkgbZ6%2FVKPvxjFT4bLNsyKJKuNao722cSfYH2VDv60JDQLmmsbdN8StCWa6FBaudch7XGKfUFSJNDcTrXsSLQD%2BK%2FGuQrE0Gh%2FX7QvccF4WXtjm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 08:48:07 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17233e82fbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Oda-Ekonomike-380x233.png
telegrafi.com/wp-content/uploads/2022/07/ 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/Oda-Ekonomike-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38f13ec5ca51695bace8662872673f17b1193c3ad6c48eec354e132aa647dfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8705
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
176021
pragma
public
last-modified
Wed, 13 Jul 2022 08:21:35 GMT
server
cloudflare
etag
"62ce808f-2af95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAzh%2B9zichcdXWE27n5mcrepTZD0iDAl9gGGO%2BqQTq97nR3ZelyE9MT%2Br6mRTc5NMAaydFSRAsq4E1rRob7yacMDSZU6INcheKnE5ykyJABIsJY6yJlWT%2F3CIj0Z5%2FLILJiFMwCQ0bdLUny8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17233e831bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 08:23:13 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GGFDBX585G&gtm=2oe7b0&_p=645143256&_z=ccd.v9B&cid=2040249995.1657709304&ul=en-us&sr=1600x1200&_s=1&sid=1657709304&sct=1&seg=0&dl=https%3A%2F%2Ftelegrafi.com%2F&dt=Lajmet%20e%20fundit%20-%20Telegrafi&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dsp.aspx
ads.futureads.io/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=5688025481375985&cpv=967ca550-5615-02a3-7dd7-1f7bcf1995c9&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22764875d0-c092-0f00-d2f9-fcc87f514cda%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229548d271-13e4-93f3-a576-a847affb5232%22%2C%22tagid%22%3A%22cae5915e-c058-46c1-bc6a-f1347266ceff%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_cae5915ec05846c1bc6af1347266ceff_zone_97654_sect_37317_site_31670%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
66f92c689cc98a863f58f7c2db1272ed94baccf8d51489d2fc42416c07d054d5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:24 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3508
X-Xss-Protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2976507-1&cid=2040249995.1657709304&jid=1776104404&gjid=1667878199&_gid=1734121124.1657709304&_u=KGBAAEACQAAAAC~&z=672779845
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Jul 2022 10:48:24 GMT
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adx.adform.net/adx/ 		629 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTM5OTQ2MQ&url=https%3A%2F%2Ftelegrafi.com%2F&callback=_adform_cb_1657709304763_9851052392498931
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c03eb092e9cad0ac0ffee59adf08fb6780caadc10139e3f42bb33f4d5cb5200b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
telegrafi.com.js
u.heatmap.it/conf/ 		42 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/conf/telegrafi.com.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4b8868aa4085fa88d0564e3b86f75f856e101d8f37ddbc6be6d380ea127fdeea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:47:26 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
x-cdn-pop
sbg
accept-ranges
bytes
content-length
47
x-request-id
694720208
expires
Wed, 13 Jul 2022 10:52:26 GMT
cntcm.aspx
ads.futureads.io/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=afcfd9e6-c59f-48dc-b141-1a0544c76474&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&userid=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
260833360772983
connect.facebook.net/signals/config/ 		291 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260833360772983?v=2.9.64&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f807875fe162645fb0b07a2c863bd6d72938966662fb4068e4b9fbc5ffcfb156
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85547
x-xss-protection
0
pragma
public
x-fb-debug
Hfq7iBf3MMW0RSaxhhi0b5x/Ps1bTd9D8//7o1gZd2t2yoPMiJemEMp1d4QpDLgKHliYtFSL2/uW9JepqdlT3g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 13 Jul 2022 10:48:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%225DC2nemX4YAUu%22%2C%22domain%22%3A%22telegrafi.com%22%2C%22publisher%22%3A%22Telegrafi%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%225cgHr8lNOUMyKG0uXbj0jQ%22%2C%22clientTimestamp%22%3A1657709304798%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-tt939upgz2v77us5mvj0%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.149.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-149-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Jul 2022 10:48:24 GMT
content-length
2
content-type
text/plain; charset=utf-8
telegrafi_logo.png
telegrafi.com/wp-content/uploads/2017/02/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/02/telegrafi_logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54bf38cbd1e24686b4d06e6eef66bdabe95db066455b22dfcf30a94d52fb9d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14613585
cf-polished
origSize=17280, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2344
pragma
public
last-modified
Sun, 12 Feb 2017 14:51:09 GMT
server
cloudflare
etag
"58a0765d-4380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QV%2F1DP%2BN0E9OtdrwcFMykLYw6oylvnTjvZiQTGYko1gCTo2bJ5%2F7HeN3dZj%2BAOYkMNqL%2BOpOjasvdEUg1YxxEf95KkhzLKn%2FD8RWQJp0%2BB8LQQxKh0rAB%2BwXnd7z2wE9xEbbTsiyNniNTipW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Wed, 25 Jan 2023 06:11:11 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172350adebb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2976507-1&cid=2040249995.1657709304&jid=1776104404&_u=KGBAAEACQAAAAC~&z=1223870726
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2976507-1&cid=2040249995.1657709304&jid=1776104404&_u=KGBAAEACQAAAAC~&z=1223870726
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e1eee23f36481a69453f.b.js
scripts.futureads.io/scripts3/46506/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-07-09T13:02:29+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 12:59:14 GMT
fdabe098f34289659a17.b.js
scripts.futureads.io/scripts3/46506/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-07-09T13:02:29+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 12:59:14 GMT
84011c43c3075e543c6d.b.js
scripts.futureads.io/scripts3/46506/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-07-09T13:02:29+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 12:59:14 GMT
7103cce7fa6705169441.b.js
scripts.futureads.io/scripts3/46506/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-07-09T13:02:29+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 12:59:14 GMT
5927ef40e4a80e0040be.b.js
scripts.futureads.io/scripts3/46506/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc16
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-07-09T13:02:29+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 06 Jul 2023 12:59:14 GMT
sync.html
s.adtelligent.com/ Frame 106A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=5688025481375985&cpv=967ca550-5615-02a3-7dd7-1f7bcf1995c9&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22764875d0-c092-0f00-d2f9-fcc87f514cda%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229548d271-13e4-93f3-a576-a847affb5232%22%2C%22tagid%22%3A%22cae5915e-c058-46c1-bc6a-f1347266ceff%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_cae5915ec05846c1bc6af1347266ceff_zone_97654_sect_37317_site_31670%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.234 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
f5e9acecf4cabb0c0b5880b84dae2c7f538c2d8dd8a1e96697d92173a3b40a4d

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://telegrafi.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1267
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame E7B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=5688025481375985&cpv=967ca550-5615-02a3-7dd7-1f7bcf1995c9&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22764875d0-c092-0f00-d2f9-fcc87f514cda%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229548d271-13e4-93f3-a576-a847affb5232%22%2C%22tagid%22%3A%22cae5915e-c058-46c1-bc6a-f1347266ceff%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_cae5915ec05846c1bc6af1347266ceff_zone_97654_sect_37317_site_31670%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame EB49
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=5688025481375985&cpv=967ca550-5615-02a3-7dd7-1f7bcf1995c9&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22764875d0-c092-0f00-d2f9-fcc87f514cda%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229548d271-13e4-93f3-a576-a847affb5232%22%2C%22tagid%22%3A%22cae5915e-c058-46c1-bc6a-f1347266ceff%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_cae5915ec05846c1bc6af1347266ceff_zone_97654_sect_37317_site_31670%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
8b2d13b8c3bf7c5162f9a3f5e304a440c68c19be35608e8b46928744bd1730ab

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 13 Jul 2022 10:48:24 GMT
expires
Wed, 13 Jul 2022 10:48:24 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Wed, 13 Jul 2022 10:48:24 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601
sync.html
s.console.adtarget.com.tr/ 		63 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:27 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
/
an.yandex.ru/mapuid/targetrtbis/
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=admixer&id=a5fcba050c7c4e63864a764e9984acbe
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/?sign=3397383874
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1&sign=3397383874
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1&sign=3397383874
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:48:25 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 13 Jul 2022 10:48:25 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 10:48:25 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1&sign=3397383874
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 13 Jul 2022 10:48:25 GMT
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a5fcba050c7c4e63864a764e9984acbe
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z12E6394C6AB486BB18894D04A34E2CB&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a5fcba050c7c4e63864a764e9984acbe
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z12E6394C6AB486BB18894D04A34E2CB&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z12E6394C6AB486BB18894D04A34E2CB&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=a5fcba050c7c4e63864a764e9984acbe
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=a5fcba050c7c4e63864a764e9984acbe
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Da5fcba050c7c4e63864a764e9984acbe
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Da5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
185.89.211.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:24 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
9d83c840-2215-4b10-965e-fb03f0084f6d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:24 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8e61c814-e7fb-4533-9ef2-153c43a3131b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3Da5fcba050c7c4e63864a764e9984acbe
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5uqs%2BS78fWXi%2F93U1tWmC5b85oR92jqX%2Fg7ReWY0X9ps6k5mvrH1Dh9MhEzhRqIm%2BJebv6g6SpHBEyZ7tWHu2ZXJY%2F%2BzF1gqJ3xUbiRFT7SpZzFfEthpdOXCxHXACjlT%2FWuTtqUUci1RA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB
cache-control
no-cache
cf-ray
72a172342877693d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=a5fcba050c7c4e63864a764e9984acbe
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=a5fcba050c7c4e63864a764e9984acbe
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Server
159.69.141.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.123.141.69.159.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=a5fcba050c7c4e63864a764e9984acbe
date
Wed, 13 Jul 2022 10:48:24 GMT
server
nginx
etag
W/"1ee952b5d80846e3e60223f2987ddfd19e9e756b27b905b49bbda9bce7b77882"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=32ce30ec-324d-446d-8fd6-028b5129a2d4
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=32ce30ec-324d-446d-8fd6-028b5129a2d4
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=32ce30ec-324d-446d-8fd6-028b5129a2d4
date
Wed, 13 Jul 2022 10:48:24 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
ImgSync
image8.pubmatic.com/AdServer/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Da5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
content-length
0
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=a5fcba050c7c4e63864a764e9984acbe&redir=[RED]
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 10:48:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-zhs1RA5E2uE8KM6Uv6iuDqr_u6s_jfOIM0IX8dQ-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-zhs1RA5E2uE8KM6Uv6iuDqr_u6s_jfOIM0IX8dQ-~A
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-zhs1RA5E2uE8KM6Uv6iuDqr_u6s_jfOIM0IX8dQ-~A
date
Wed, 13 Jul 2022 10:48:25 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
content-length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Da5fcba050c7c...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=52442b0e-0299-11ed-9598-801844df0ab8
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=b4fdc90e-5e78-46aa-98d2-effe521895f3
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=b4fdc90e-5e78-46aa-98d2-effe521895f3
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4a3b6cc1-cb91-430f-bd81-38bc70a0b3e1&user_group=1&ssp=lemma&bsw_param=b4fdc90e-5e78-46aa-98d2-effe521895f3
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=b4fdc90e-5e78-46aa-98d2-effe521895f3
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=52442b0e-0299-11ed-9598-801844df0ab8
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dlemma%26bsw_param%3Db4fdc90e-5e78-46aa-98d2-effe521895f3&...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=ccc162ce-a2f9-4400-957f-715ec1ebffdf&expires=30&ssp=lemma&bsw_param=b4fdc90e-5e78-46aa-98d2-effe521895f3&gdpr=&gdpr_consent=
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=b4fdc90e-5e78-46aa-98d2-effe521895f3
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=a5fcba050c7c4e63864a764e9984acbe52442b0e-0299-11ed-9598-801844df0ab8
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=a5fcba050c7c4e63864a764e9984acbe52442b0e-0299-11ed-9598-801844df0ab8
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:26 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=a5fcba050c7c4e63864a764e9984acbe52442b0e-0299-11ed-9598-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=5cbcf275-b31c-52c2-918f-bb5af34119a3
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=5cbcf275-b31c-52c2-918f-bb5af34119a3
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=5cbcf275-b31c-52c2-918f-bb5af34119a3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=a5fcba050c7c4e63864a764e9984acbe&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=a5fcba050c7c4e63864a764e9984acbe&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=admixer&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=admixer&&user_id=S_Ai_BzwJ6BQ8if9SaZs_Ev2ca5Q-nmgSaR3ctUU
  • https://inv-nets.admixer.net/bs/cm.aspx?id=b4fdc90e-5e78-46aa-98d2-effe521895f3&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=b4fdc90e-5e78-46aa-98d2-effe521895f3&gdpr=&consent=&gdpr_pd=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=b4fdc90e-5e78-46aa-98d2-effe521895f3&gdpr=&consent=&gdpr_pd=
Date
Wed, 13 Jul 2022 10:48:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sync
t.adx.opera.com/ 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT, Wed, 13 Jul 2022 10:48:25 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Wed, 13 Jul 2022 10:48:25 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
admixer-sync
rtb.com.ru/ 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/admixer-sync?uid=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.186 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=a5fcba050c7c4e63864a764e9984acbe
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13-Jul-2022 19:48:25 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260833360772983&ev=PageView&dl=https%3A%2F%2Ftelegrafi.com%2F&rl=&if=false&ts=1657709304913&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1657709304912.1153843064&it=1657709304773&coo=false&exp=u0&rqm=GET
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Jul 2022 10:48:24 GMT
pv
eu6.heatmap.it/log/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu6.heatmap.it/log/pv?pid=4408&u=https%3A%2F%2Ftelegrafi.com%2F&tpl=.&pt=Lajmet%20e%20fundit%20-%20Telegrafi&t=555143
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.202.74.47 , France, ASN16276 (OVH, FR),
Reverse DNS
eu6.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 13 Jul 2022 10:48:24 GMT
confirm.js
cdn.admixer.net/scripts3/ 		144 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/confirm.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e4f189ce94a53b6316c93df795e04c79f2d0aaf5ae29cacf8dfcc6a3ae705f4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:58 GMT
server
nginx
etag
W/"6282425e-23f9b"
vary
Accept-Encoding
x-cached-since
2022-07-07T09:51:16+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 08 Jul 2023 09:51:16 GMT
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
sync.html
s.adtelligent.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.234 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
/
onetag-sys.com/usync/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-store
crevt.aspx
ads.futureads.io/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.futureads.io/crevt.aspx?cc=DE%2FHE%2F2925533&am-uid=a5fcba050c7c4e63864a764e9984acbe&zone=CAE5915E-C058-46C1-BC6A-F1347266CEFF&device=28&rule=69D0FA53-54FC-43DC-948A-8168D137A514&requestId=8b43a581-8199-4a7e-ada9-ff206aee4b72&hp=2046853741&page=telegrafi.com%2F&ts=637933061047454203&ap=MA%3D%3D&asign=182607954&sync=96%2C3%2C98%2C57%2C80%2C88&bt=3&carr=31173+Services+AB&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=7&extpubid=4D8BA46E-AAF8-4606-9B52-4016F6473A9F&inst=ADS-EU-5&pxl=0&pvid=f1467523-27fb-47d3-bfbb-e6ee7b886b8c&ip=185.213.155.163&item=0E15622C-BA9D-49DE-A290-3988A72216D9&crid=0E15622C-BA9D-49DE-A290-3988A72216D9&size=780x439&profile=69D0FA53-54FC-43DC-948A-8168D137A514&isopt=0&adv=Altrade&dsp=Local&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Ftelegrafi.com%2Frehatia-mireqenia-dhe-lumturia-qellimet-kryesore-te-al-trade-per-secilin-banor%2F&cet=4&pp=${AUCTION_PRICE}&curr=${AUCTION_CURRENCY}&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
5d9b4428-8d19-40c0-b22b-590ba0c8f30c.png
c1.futureads.io/test1/0e15622c-ba9d-49de-a290-3988a72216d9/ 		539 KB
539 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.futureads.io/test1/0e15622c-ba9d-49de-a290-3988a72216d9/5d9b4428-8d19-40c0-b22b-590ba0c8f30c.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
185.46.149.20 , Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
185-46-149-20.net.gigatrans.ua
Software
nginx /
Resource Hash
327a358dd32a68dd2ee27bd9e11e2590ed13a666b11a59a95c79d858ff02775d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 13 Jul 2022 08:33:06 GMT
Server
nginx
ETag
"62ce8342-86b35"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
551733
Expires
Fri, 14 Jul 2023 10:48:25 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame EB49 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Da3da845569752495
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame EB49 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Da3da845569752495%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
24m74cadpo1tbclsn5s53d1a51l6vta8
ptag
a.audrte.com/ Frame EB49 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
136ddf394493465215aa32a08a1725c1ec56e73808070bf34d275a2ea5276c30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame EB49 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 12 Jul 2027 10:48:24 GMT
um
u-ams02.e-planning.net/ Frame EB49
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Da3da845569752495%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a3da845569752495&uid=5528122310733549132
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a3da845569752495&uid=5528122310733549132
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
e90460ef-8c4b-4e58-88a8-93368564f924
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=a3da845569752495&uid=5528122310733549132
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 3E86
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 10:48:25 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 13 Jul 2022 10:48:25 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 42AF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da3da845569752495%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135125
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:20:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 9836 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36da9bfaaa5a6f4cf6c9a3fe651af468bef6d9cc8f58fd877ca3c2c05a18870

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72a17234ab3f6963-FRA
content-encoding
br
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
dropped-udsids
230|45|39|241|176|195|18|47
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uoo8pZl5BCOh5hZ3d6Uf7%2F9MhRcb0A%2B1P7%2Bx1rqPqVoCcCGVC7aI38nzpqyjLOY43k9sVpy4C7jmdfNRNqy7heK3STV0m4QQOihfi8PJui65OzuAXKFNdOLaLxl5sm7uSdZbpB0s"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 9944 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
137109
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
833b246ce751dce668bf000ed7a605e2
x-cf-tsc
1653097467
x-cf1
29080:fD.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame FC31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 97D9 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef7db8fb10b0965cd198087e1d5439725c6ff10f73844485c4724603cb1cb8d9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72a172349b059b83-FRA
content-encoding
br
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 3E86 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
589d8a32de0ea0de516e7447459846018c47d35b6109588e4bfe5d669409a4a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64145
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Thu, 14 Jul 2022 04:37:30 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 42AF 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72981551&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Da3da845569752495%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
content-length
0
getuid
ib.adnxs.com/ Frame 97D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 97D9 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=07f3ea05-5353-47f1-9050-c2a0374095ff&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=07f3ea05-5353-47f1-9050-c2a0374095ff&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a172367e749b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=07f3ea05-5353-47f1-9050-c2a0374095ff&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 97D9 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 97D9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 97D9 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 varnish
server
nginx
x-timer
S1657709305.199751,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4028-HHN
u
dmp.v.fwmrm.net/ad/ Frame 97D9 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:96e:5500:bf36:df5c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 97D9 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9656c9-b4c5-479e-4b6e-502d4babe100%26reqId%3D1616dcf2-d06b-4183-63a5-294f17092122%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=114c1a0a-dfe1-45ea-b979-9e540808fd51&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=114c1a0a-dfe1-45ea-b979-9e540808fd51&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a172365e339b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=114c1a0a-dfe1-45ea-b979-9e540808fd51&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=dc9656c9-b4c5-479e-4b6e-502d4babe100&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=dc9656c9-b4c5-479e-4b6e-502d4babe100&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=31926936000866726094050903290960242782&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=31926936000866726094050903290960242782&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a172366e439b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v036-0bbb11b84.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vbaI+kJGQis=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=31926936000866726094050903290960242782&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 97D9 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=dc9656c9-b4c5-479e-4b6e-502d4babe100&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022071315-11397-0.754838001657719802-cb8f3db4facddf5d17fa57dd4cdd77b4&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022071315-11397-0.754838001657719802-cb8f3db4facddf5d17fa57dd4cdd77b4&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a172360da39b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022071315-11397-0.754838001657719802-cb8f3db4facddf5d17fa57dd4cdd77b4&zdid=533&env=mWeb
Date
Wed, 13 Jul 2022 13:43:22 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7119807251255851151&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7119807251255851151&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a17235ed599b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7119807251255851151&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 97D9
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=dc9656c9-b4c5-479e-4b6e-502d4babe100
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=dc9656c9-b4c5-479e-4b6e-502d4babe100
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=dc9656c9-b4c5-479e-4b6e-502d4babe100
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=dc9656c9-b4c5-479e-4b6e-502d4babe100
date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dc9656c9-b4c5-479e-4b6e-502d4babe100&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dc9656c9-b4c5-479e-4b6e-502d4babe100&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=eqMxM1KQuUtK/mrYnrsajO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-41...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=eqMxM1KQuUtK/mrYnrsajO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a172368e779b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
last-modified
Wed, 13 Jul 2022 10:48:25 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=eqMxM1KQuUtK/mrYnrsajO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 97D9 		36 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=dc9656c9-b4c5-479e-4b6e-502d4babe100&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-length
36
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=dc9656c9-b4c5-479e-4b6e-502d4babe100?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=dc9656c9-b4c5-479e-4b6e-502d4babe100?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a17236ef0f9b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.18.29
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-.w9pADRE2oqzeWl1WYjdAEUodeZhkAdRAQ--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-.w9pADRE2oqzeWl1WYjdAEUodeZhkAdRAQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a17236ff219b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-.w9pADRE2oqzeWl1WYjdAEUodeZhkAdRAQ--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=X6RJdMCsSC3nOzXujU2XLdyDeD9YB3vx%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=X6RJdMCsSC3nOzXujU2XLdyDeD9YB3vx%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a172367e6d9b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=X6RJdMCsSC3nOzXujU2XLdyDeD9YB3vx%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame 97D9 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.119.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-119-235.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1657709305
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 97D9 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=dc9656c9-b4c5-479e-4b6e-502d4babe100&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.149.178 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.149.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ys6i_QAP_xUYAQA2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ys6i_QAP_xUYAQA2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&_test=Ys6i_QAP_xUYAQA2
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a17237880e9b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657709306.509128,VS0,VE0
x-served-by
cache-hhn4072-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Ys6i_QAP_xUYAQA2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&_test=Ys6i_QAP_xUYAQA2
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=ccc162ce-a2f9-4400-957f-715ec1ebffdf&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ccc162ce-a2f9-4400-957f-715ec1ebffdf&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a17236ff1f9b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
MT3 4475 c1dc35a master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=ccc162ce-a2f9-4400-957f-715ec1ebffdf&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 13 Jul 2022 10:48:24 GMT
usermatch.gif
beacon.krxd.net/ Frame 97D9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f1709...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
63.34.119.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-119-235.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1657709305
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
date
Wed, 13 Jul 2022 10:48:25 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a001-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 97D9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dc9656c9-b4c5-479e-4b6e-502d4babe100&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dc9656c9-b4c5-479e-4b6e-502d4babe100&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dc9656c9-b4c5-479e-4b6e-502d4babe100&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WWWRDGQB3Z1Q8ZX55MJQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CCXVWPD7AJ3S06EY2CK1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dc9656c9-b4c5-479e-4b6e-502d4babe100&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 97D9 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=dc9656c9-b4c5-479e-4b6e-502d4babe100&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 97D9
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a1723798279b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
date
Wed, 13 Jul 2022 10:48:25 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 97D9 		557 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa1cf625d2bc63a5dcbbedb7024dd95c5336e6277fea140373f7d10604cb693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a172355c609b83-FRA
date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
pixel
cm.g.doubleclick.net/ Frame 9836 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9836
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ys6i.ECuMi3VTmiGsMFpgAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=Ys6i.ECuMi3VTmiGsMFpgAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELj62gLqi5SBL9V6xjIYa3Y&google_cver=1&gdpr=1&google_hm=2
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELj62gLqi5SBL9V6xjIYa3Y&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a17236fa1d9bf2-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opjXi6QdzhQR3V8V1ww%2Fm4L8NHkr%2BR3fNBb3ekX77M2Yf1oJxfi%2BUhUFtKsmlVnjFxoCRF3XsTf3Ce6hL3QL5cMJOG%2Bo3owRPeVwdcfsL%2FvGzcQf%2F0jn1A%2FfamcSTGM0EZgzMIZi8MMvJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELj62gLqi5SBL9V6xjIYa3Y&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9836 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 9836
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M8YF3RQTKPJ377EMRW4S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SR75JJWJGZ2PANZWET73
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 9836 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:24 GMT
content-length
0
server
c
crum
dsum-sec.casalemedia.com/ Frame 9836
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0c302616-a143-4443-a09f-99d5f1eda58d
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0c302616-a143-4443-a09f-99d5f1eda58d
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a172378b359bf2-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQByR7efGdZnqwJnhmxCgZDMWaruuDN24cybctSd1%2FYKk2EknpcGM87ihdzit9WlNsM08KKd8hhEGBBJ36i4BcWE8xgron%2F9krNSHLcww2VKH8nSB2y0SSHgaEoXxJUWOMgEkMm2PH86Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0c302616-a143-4443-a09f-99d5f1eda58d
date
Wed, 13 Jul 2022 10:48:25 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 9836
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=1&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1673606905&external_user_id=ce93922d-f60d-4399-ad60-10496c53bda1
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1673606905&external_user_id=ce93922d-f60d-4399-ad60-10496c53bda1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a172376af69bf2-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eTo5SVdMQrWyZw1Bf7sL5%2BUl1UJxR90UcrzBsWRAJhbltvYE8hiboIOoeZvS4CI6Ke9MElIKyAD8OAppn5FvJQq090ZLsTkFdlXFkvRzyP6qQ%2BY9Z5Al%2BM0cKusfuaZSieepnNBLaisDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1673606905&external_user_id=ce93922d-f60d-4399-ad60-10496c53bda1
date
Wed, 13 Jul 2022 10:48:25 GMT
access-control-allow-origin
*.casalemedia.com
content-length
157
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 9836
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8HoJCylQ1ObzUR5&gdpr=1
43 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8HoJCylQ1ObzUR5&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a17235b86e9110-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zizZit8EMm%2FG%2BJKF63ipUrelXi4gWOOG0gGMS5pAzdaPa9K5yw83nRlXyZblnSccFwHe4pNaQlvpC9Rywxlu%2FTp%2Fk5X6DDwJQYGakOKlsGRZ%2B7OMlhhCwLf9FSj8T7NsD%2FoLBlxsEFSr9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-046b02221141da501@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=8HoJCylQ1ObzUR5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame 9836 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=a3da845569752495&uid=Ys6i.ECuMi3VTmiGsMFpgAAA%265135
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Da3da845569752495%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
server
openresty
content-type
image/gif
get_info
bot.webpushr.com/prompt/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bot.webpushr.com/prompt/get_info
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.225.44.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1b075484913a2680cf7083c958be659a120f367ed7081a647ddc9461782341c8

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
X-Fastcgi-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
server_name
lookup3
session
analytics.webpushr.com/impression/ 		0
536 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.webpushr.com/impression/session
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cmp
spl.zeotap.com/ Frame 97D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
72a172359ccd9b83-FRA
date
Wed, 13 Jul 2022 10:48:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
AGSKWxXdaXn_eY9DWCjPpcfteKWF3AdX1Bf5a7mAqoaRvku0wkXzKWPtBXe3JNYLGA_R9-xWoTTvG1ASGGUA4_l0Hr4=
fundingchoicesmessages.google.com/f/ 		59 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXdaXn_eY9DWCjPpcfteKWF3AdX1Bf5a7mAqoaRvku0wkXzKWPtBXe3JNYLGA_R9-xWoTTvG1ASGGUA4_l0Hr4=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU3NzA5MzA1LDIyMzAwMDAwMF0sIjNCRkIxMEZGLUUwQjItNDc2Mi1BMDgzLThDRDUwQjMzRjk3QiIsIjRCQUIwMDdDLUFGM0MtNDAwQi05QTk5LUJCOTJGQzU1QjU0NCIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLGZhbHNlLGZhbHNlXSwiaHR0cHM6Ly90ZWxlZ3JhZmkuY29tLyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.bxoSmRowWG8.es5.O/d=1/rs=AJlcJMz1t_eBWBtArtg4opelMoMenBHThw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d59f6d440aa389beeb64a47c6eea69e475e757c769e1f2eacde2c5ad1611f77
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4yBs4UEb37U7MGjiv8nuMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4yBs4UEb37U7MGjiv8nuMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-4yBs4UEb37U7MGjiv8nuMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4yBs4UEb37U7MGjiv8nuMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Wed, 13 Jul 2022 10:48:25 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU3uNHiapEEpqh7hmKRI2n4Om7RoD8VKncnyyUZkcY6kJLgXgUv5Q5yLnBRgkjJn-TXEsTow7gnjIp7NoXOiQcf5HkvhWrE5KQTeZsj9IQ2q_s_d3s_IOFoSqcuVv_jgRwCjb5qrLvmJrkOi4CB30xrped6Y2W9ztgEpHJ3yKLjEr0tryP_Maw3eFP-
fundingchoicesmessages.google.com/f/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU3uNHiapEEpqh7hmKRI2n4Om7RoD8VKncnyyUZkcY6kJLgXgUv5Q5yLnBRgkjJn-TXEsTow7gnjIp7NoXOiQcf5HkvhWrE5KQTeZsj9IQ2q_s_d3s_IOFoSqcuVv_jgRwCjb5qrLvmJrkOi4CB30xrped6Y2W9ztgEpHJ3yKLjEr0tryP_Maw3eFP-?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU3NzA5MzA1LDQxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwwLDBdLCJodHRwczovL3RlbGVncmFmaS5jb20vIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.N_VKqWhh_Ro.es5.O/d=1/rs=AJlcJMzDl6PX4vjjnABnIfSr-cFqAnvFBQ/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc16de6bf84700cfa5585b27ecc0215bac82f1c04d332a65e691fd2705ab0b37
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kN_R2KCGllNGBwWL-68naQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kN_R2KCGllNGBwWL-68naQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kN_R2KCGllNGBwWL-68naQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kN_R2KCGllNGBwWL-68naQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260833360772983&ev=Microdata&dl=https%3A%2F%2Ftelegrafi.com%2F&rl=&if=false&ts=1657709305418&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Lajmet%20e%20fundit%20-%20Telegrafi%22%2C%22meta%3Adescription%22%3A%22Telegrafi%20i%27u%20sjell%20n%C3%AB%C2%A0koh%C3%AB%C2%A0reale%2C%20sekond%20pas%20sekonde%20informacione%20dhe%20lajme%2C%20k%C3%ABshilla%20dhe%20analiza%20nga%20t%C3%AB%20gjitha%20sferat%20e%20jet%C3%ABs.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Portali%20Telegrafi.com%22%2C%22og%3Adescription%22%3A%22Portali%20Telegrafi.com%20%C3%ABsht%C3%AB%20portal%20i%20pavarur%20informativ%20dhe%20m%C3%AB%20i%20vizituar%20n%C3%AB%20gjuh%C3%ABn%20shqipe.%20I%20udh%C3%ABhequr%20nga%20nj%C3%AB%20staf%20profesional%2C%20Telegrafi.com%20arrin%20t%C3%AB%20azhurohet%20me%20lajme%20n%C3%AB%20%C3%A7do%20koh%C3%AB%20nga%20rubrika%20e%20Ekonomis%C3%AB%2C%20Sporti%2C%20Magazina%2C%20Kultura%2C%20Lifestyle%2C%20Sh%C3%ABndet%C3%ABsi%2C%20Teknologji.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftelegrafi.com%2F%22%2C%22og%3Asite_name%22%3A%22Telegrafi%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ftelegrafi.com%2Fwp-content%2Fuploads%2F2016%2F03%2F00.Telegrafi.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22%23website%22%2C%22url%22%3A%22https%3A%2F%2Ftelegrafi.com%2F%22%2C%22name%22%3A%22Telegrafi%22%7D%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1657709304912.1153843064&it=1657709304773&coo=false&es=automatic&tm=3&exp=u0&rqm=GET
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 13 Jul 2022 10:48:25 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame EB49 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 12 Jul 2022 12:57:00 GMT
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
78685
etag
"a31a707739fd82541fa40e577dbbfede"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
48227
x-amz-cf-id
Ik5kdW18_ZrKO0Mme_tESK_1rIgYzjXDgTrBcX-YWigf2rTa1Bcczg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 6C5C 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
W/"601b131c-27c"
expires
Mon, 12 Jul 2027 10:48:25 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame 4DD0 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AEMDRDDBcfVjlVcL
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 13 Jul 2022 10:48:25 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
GS.d
js.cookieless-data.com/ Frame 6C5C 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657709305460
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.113 Lorient, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-113.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 13BE 		2 KB
1010 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
4652aa3cee37b817c2e9b54bcf432a466c65626d8c4ee4d9abcfe55bab9bb39a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
expires
Wed, 13 Jul 2022 10:48:25 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601
csync
sync.adtelligent.com/ Frame 9DF3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5528122310733549132
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5528122310733549132
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Wed, 13 Jul 2022 10:48:25 GMT
Etag
ca25579a7f547ed0
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
69028e43-846c-46f1-91db-ca87a337e1c2
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 10:48:25 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5528122310733549132
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame 6B43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame 3991 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Wed, 13 Jul 2022 10:48:25 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame 1403 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 10:48:27 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame B0C2
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ed11beac-a887-4694-bc0d-d91cf4334b38
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ed11beac-a887-4694-bc0d-d91cf4334b38
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Wed, 13 Jul 2022 10:48:25 GMT
Etag
ca25579a7f547ed0
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72a17237ad4a9b3a-FRA
content-length
0
date
Wed, 13 Jul 2022 10:48:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=ed11beac-a887-4694-bc0d-d91cf4334b38
server
cloudflare
sync.html
s.adtelligent.com/ Frame 1E56 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.234 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 10:48:24 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BA1C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135125
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:20:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 106A
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=0c7d51e7-b467-4627-b26e-4914d9492eed
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=0c7d51e7-b467-4627-b26e-4914d9492eed
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
VertaMedia 1.0
Etag
ca25579a7f547ed0
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=0c7d51e7-b467-4627-b26e-4914d9492eed
date
Wed, 13 Jul 2022 10:48:25 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 106A
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=32ce30ec-324d-446d-8fd6-028b5129a2d4
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=32ce30ec-324d-446d-8fd6-028b5129a2d4
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
VertaMedia 1.0
Etag
ca25579a7f547ed0
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=32ce30ec-324d-446d-8fd6-028b5129a2d4
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ Frame 106A 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 10:48:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 106A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5528122310733549132
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5528122310733549132
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
VertaMedia 1.0
Etag
ca25579a7f547ed0
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3c3aaf50-ac4e-4135-9948-c7c9c337c24f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5528122310733549132
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 106A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1657709305554
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4534868705
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4534868705
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
RX5ce69f380e464fb3abfe929b7371af19003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4534868705
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 106A
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7054103a-9903-4d4f-a488-8c84e4c76927
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7054103a-9903-4d4f-a488-8c84e4c76927
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
VertaMedia 1.0
Etag
ca25579a7f547ed0
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=7054103a-9903-4d4f-a488-8c84e4c76927
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
pb2h6r72c1702rf6glp3tln0835u3j2g
sync
vid.vidoomy.com/ Frame 106A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 106A
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=3c3614fa64574cc8923cc491eae08509
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=3c3614fa64574cc8923cc491eae08509
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
VertaMedia 1.0
Etag
ca25579a7f547ed0
Content-Length
0

Redirect headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=3c3614fa64574cc8923cc491eae08509
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
pixelSync
pixel.sitescout.com/dmp/ Frame 13BE 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D66785e16a13a20cd
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 13BE 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D66785e16a13a20cd%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lvu11f0d318biri669tnojcaqkino2n7
ptag
a.audrte.com/ Frame 13BE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
136ddf394493465215aa32a08a1725c1ec56e73808070bf34d275a2ea5276c30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 13BE 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 12 Jul 2027 10:48:25 GMT
um
u-ams02.e-planning.net/ Frame 13BE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D66785e16a13a20cd%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=66785e16a13a20cd&uid=5528122310733549132
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=66785e16a13a20cd&uid=5528122310733549132
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 949.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
0a749e69-162e-402e-b022-49a51de4c6c0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=66785e16a13a20cd&uid=5528122310733549132
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame FCA2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 10:48:25 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 13 Jul 2022 10:48:25 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 640D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D66785e16a13a20cd%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135125
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:20:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 1542 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa9f6ef3fbf961d74dcfb0994fa50395d11176e71dfe14473e2696eb7d87851

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72a17237cc8f912b-FRA
content-encoding
br
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
dropped-udsids
73|46|4|130|90|105|41|152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvLMb2tTyn4BOemAzn%2F1GhUCh2FuOIP9MZD02c9Dz8ryBHEU9l%2FuLBNYgmKO9VNAksHQIEe1fFODcuLNAMfJ6RsNZ2xlGndxYKvUJYqcA8U77cO0OIm2Jsp3fgVA3yLDLtiQgUYH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 2992 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
137109
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
84c87c94f52ab8d703cddf4a45f7e0c3
x-cf-tsc
1653097467
x-cf1
29080:fD.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 0313 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame B264 		530 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86aa97c6ec4f27b7f4d6d76289fbeefb6862e7860cec03af46f29041b34ef679

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72a17237a8589b83-FRA
content-encoding
br
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
pv
bisko.gjirafa.com/ 		68 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/pv?t=1657709305555&guid=e7c8fc60aa1345f6b7d47358fc5897f05a31a5c9fe3c4b7dbe252e49b5884853&sd=35c3bc43b7914fc79f0f5c3402d0e3f2&c=%5B%5D&tg=%5B%5D&tt=Lajmet%20e%20fundit%20-%20Telegrafi&u=https%3A%2F%2Ftelegrafi.com%2F&r=&bl=en-US&sw=1600&sh=1200&h=2&v=5.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peGxkxrTqFmvAEsPJYjzHAahecYkPb%2FX0ZmQcKUCiLjAJFlognVyPyXmuGk0xZoxmMEllmHtDReeDyhJJxyFy2X4obJ117ESuwSA8mAUFgfMDySlDa%2FyLGFtQs6ez6M%2Fwgzf"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
72a172380c949b7c-FRA
content-length
68
usync.js
eus.rubiconproject.com/ Frame FCA2 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
589d8a32de0ea0de516e7447459846018c47d35b6109588e4bfe5d669409a4a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64145
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Thu, 14 Jul 2022 04:37:30 GMT
mw
mwzeom.zeotap.com/ Frame B264
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddc9...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=09d2714e-8f1c-478a-6531-92cae99db450&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=09d2714e-8f1c-478a-6531-92cae99db450&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72a172384a2f9b83-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=09d2714e-8f1c-478a-6531-92cae99db450&zdid=1361
date
Wed, 13 Jul 2022 10:48:25 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame B264 		557 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=09d2714e-8f1c-478a-6531-92cae99db450&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9200a9a6ff37c4b8483db9f1427e1100fe34041bd9cc221c5eebeecae5a9560

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a1723819a69b83-FRA
date
Wed, 13 Jul 2022 10:48:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F99 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135125
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:20:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3600
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 10:48:25 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 13 Jul 2022 10:48:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 97F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 1E56 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
VertaMedia 1.0
Etag
ca25579a7f547ed0
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 3600 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
589d8a32de0ea0de516e7447459846018c47d35b6109588e4bfe5d669409a4a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64145
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Thu, 14 Jul 2022 04:37:30 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 13BE 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 12 Jul 2022 12:57:00 GMT
via
1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
78685
etag
"a31a707739fd82541fa40e577dbbfede"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
48227
x-amz-cf-id
2s77DQm4BXc41Sm2TwPH5YpJ6zeXmDFKOHwh8XAiilgsjHGdNUwmXA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 55B8 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 13 Jul 2022 10:48:25 GMT
etag
W/"601b131c-27c"
expires
Mon, 12 Jul 2027 10:48:25 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame EF28 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AEMDRDDBcfVjlVcL
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Wed, 13 Jul 2022 10:48:25 GMT
Etag
b39763e766306307
Server
VertaMedia 1.0
cmp
spl.zeotap.com/ Frame B264 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=09d2714e-8f1c-478a-6531-92cae99db450&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=09d2714e-8f1c-478a-6531-92cae99db450&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
72a172387a879b83-FRA
date
Wed, 13 Jul 2022 10:48:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1542 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Ys6i-ECuMi3VTmiGsMFpgAAAFA8AAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:d584:42d3:abd8:529d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame 1542 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 1542
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3024677144009176105
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3024677144009176105
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a172394f259bf2-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXBSaSSfcyv9iwg1guLgL%2FeL8byBEvDriaE%2BHp%2BBYa7r31xKxUPZgUWln2V9MZnePQ0C5LPlT2mZohtzLg%2F1w918lonD2F34j%2B7phl%2F2oeb%2BaBGrmpIO8nrNtniRQnqn8TJNBbwfEVfTzA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3024677144009176105
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1542
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEaxE7FnUYAAA-CxqF0jA&expiration=1658918905&gdpr=1
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEaxE7FnUYAAA-CxqF0jA&expiration=1658918905&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a172399fa59bf2-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twPpxxCHqtcbF1X3g2iXwcdGVGbc7wlwQpZr0RjYtWksWtlb1EsTXN5HfY7pJ7ynolKGJzbqGYWk%2BBpFZek9EiQB4nob%2B1l8D1Rp1Tvl5RDjaYWOzS1z1TPd%2FYtY1ToJw4OQ3NNksyO7oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEaxE7FnUYAAA-CxqF0jA&expiration=1658918905&gdpr=1
Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
no_match_opted_out
um.simpli.fi/ Frame 1542
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Jul 2022 10:48:25 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Wed, 13 Jul 2022 10:48:25 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Tue, 12 Jul 2022 10:48:25 GMT
crum
dsum-sec.casalemedia.com/ Frame 1542
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a172394f339bf2-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFVfrO8tploAPPS%2F8YAdBCNQiPNzekM0gqG7S%2FuSM6xzA4I0y1JDjH5be3skToGmS6RAvXF1yL68pdCscqRSqPzbQCAU6yZ9JZpzZHGHNi%2BgnnxfCI2nnRaFAbPM7%2F%2BNAyuxmL6uTpInuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 13 Jul 2022 10:48:25 GMT
server
nginx/1.20.0
content-length
76
bridge
cm.adgrx.com/ Frame 1542 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 1542
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbc37151-87a4-4a46-8ace-7f8a8356f9d9
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbc37151-87a4-4a46-8ace-7f8a8356f9d9
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a1723b0a7c9bf2-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 10:48:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE6z5Pow%2BKZ4UXZUIXprfdW9rqbgX2yr6en%2FNiDg6cqCxiRD4BPX0638DbzR6VkSwdtSmEBCy0EAWrN0ZJs0iLU5KpCF%2B3Jg%2FdmbeH8sceuecM1paqD7tTfypraXUH8HgyH9QRNBTpASAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:26 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bbc37151-87a4-4a46-8ace-7f8a8356f9d9
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
um
u-ams02.e-planning.net/ Frame 1542 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=66785e16a13a20cd&uid=Ys6i.ECuMi3VTmiGsMFpgAAA%265135
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D66785e16a13a20cd%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
server
openresty
content-type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame 3E86 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
GS.d
js.cookieless-data.com/ Frame 55B8 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657709305702
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.113 Lorient, France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-113.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:25 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
prompt
analytics.webpushr.com/impression/ 		0
536 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.webpushr.com/impression/prompt
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
BHHIF6zTiF.png
cdn.webpushr.com/siteassets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.webpushr.com/siteassets/BHHIF6zTiF.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.101.145.111 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
2daae0c04eed05f051bccd667c1defc815d84ebd5474f897300d84fbf71b4104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:25 GMT
last-modified
Fri, 06 Aug 2021 09:55:37 GMT
server
nginx/1.16.1
etag
"610d0719-c1b"
content-type
image/png
access-control-allow-origin
*
x-gg-cache-status
HIT
accept-ranges
bytes
content-length
3099
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3E86 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
ptrack
a.audrte.com/ Frame EB49 		368 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.213.155.163&p=M1353665098&artime=2022-07-13T10:48:25.838Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dGVsZWdyYWZpLmNvbS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8738d001b03bd4cace70015b0778170701345279293709e2fce893f4d0c9c045

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame EB49 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 23:17:04 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
age
41482
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
VyPddfnMcD9r2AcpDtTbmA53EM6d6kgVyhSFmPrMbPYDlgUPaciEOw==
data
bcp.crwdcntrl.net/6/ Frame EB49 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.25.212
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
logcz.aspx
ads.futureads.io/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.futureads.io/logcz.aspx?zone=cae5915e-c058-46c1-bc6a-f1347266ceff
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 10:48:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
pixel
ps.eyeota.net/ Frame EB49 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:25 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame EB49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent=&google_gid=CAESECL4Nj5M8bxOFSpauiYT8wA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame EB49
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=186923677972495079
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESECL4Nj5M8bxOFSpauiYT8wA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
khaos.jpg
token.rubiconproject.com/ Frame FCA2 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
ptrack
a.audrte.com/ Frame 13BE 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.213.155.163&p=M1353665098&artime=2022-07-13T10:48:26.141Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a6eec22b25fd8a0cec0973204767e6b0e929c39590725ef3cc1b3c7dad2ad2a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 13BE 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 12 Jul 2022 23:17:04 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
age
41483
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
5Iu_S3Uu1xEWx24KPEUGuR26kDmse3c2F9t8kT-kTG4VoBGKGprH2w==
data
bcp.crwdcntrl.net/6/ Frame 13BE 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:26 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.25.148
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
khaos.jpg
token.rubiconproject.com/ Frame 3600 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
sync.php
pixel.rubiconproject.com/exchange/ Frame 3600 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
p
a.audrte.com/ Frame 13BE
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=186923677972495079
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 13BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent=&google_gid=CAESECL4Nj5M8bxOFSpauiYT8wA&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 13BE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=8h56piAqn6eQMaG5CF0a8U3ig&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:26 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
lajme.json
telegra.fi/storage/trending/hourly/ 		376 KB
92 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/lajme.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0191a4319fb580af4bce2c8c7d3b24506fda7c4bf353bfebd47338c02772f791

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:19 GMT
server
cloudflare
etag
W/"62ce97ef-5e09e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txCHIE2JcZgsr3JSVUsl8OBZZvmqW%2Biw8GmCVifZqzyXASEPy6ImjkYeZVW83c9Ynf2kltCVwuJutFe23Z9hXbynfmlw3G5doexvy%2FED%2ByuHYw26mUqPgdAZaUWGFHQpJSNYtQGPm8rW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb9f68f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
bote.json
telegra.fi/storage/trending/hourly/ 		417 KB
97 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/bote.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05a0a9c05304d14d522be0847ae52ea4608ea6891bc55ddc81d9a455a194faa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:41 GMT
server
cloudflare
etag
W/"62ce9805-682a8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eYS7QLl6b1e668N1Dy3RZ%2FOHoePXjxdtcFNJJXUtxvsGRD7J4lcz8WyDEraAfkyAlhWL0zhejD9ScU4No%2FtczFgd2Jw1AlamaA%2FeTQlM4A1HqoliErnSqkfMOr4ir8qVPPByk1T2Ldc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbba168f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ekonomi.json
telegra.fi/storage/trending/hourly/ 		418 KB
101 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/ekonomi.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1563725efea0b242461be6f0c95fc0ccd831d4ad697b13e0314563afa08248be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:21 GMT
server
cloudflare
etag
W/"62ce97f1-688a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlrTi7EvD6uLxvqMqz6o1PIlZ5ehBx1qxc%2Fqk2FTPTYzWctI9dZpnizge731rWSpgOrFKlpo26pKFtNUfKOwpTKuDg8bHvufqySc2vJQFlPvHFw8GbeISImVabur86sdQHQk2XSptonY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbba068f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
kultura.json
telegra.fi/storage/trending/hourly/ 		310 KB
98 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/kultura.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382155cf8d19f23bb0b53d6e13c0c80dee303ea4e25c2cd21aa213ca77eb7ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:32 GMT
server
cloudflare
etag
W/"62ce97fc-4d883"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUxni0Y8F%2FzcSXg1ScwXdHcVYMCIl9MqWEY9Mpfx7O5Mmxi8qKQUMsLx57bUe%2FikOjACEAbqmDi462cSOGng8EJEuYgoQy42%2Fk4RUVS3cBFWUVZAN5mpMSzG0XB7CB8xP0IsH1pCCkEo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb9d68f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
sport.json
telegra.fi/storage/trending/hourly/ 		459 KB
101 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/sport.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cab74b50a678924d424b937bb320c553b2e44aa01ac83a6ee7e8b4f16099f3c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:22 GMT
server
cloudflare
etag
W/"62ce97f2-72b04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8ImIcTsjZZNrOKE%2FK9rLKZgM0PZDYtDLw0gr2w%2FrE9j79h%2F0sWO55iPo3eMOwI%2FKPBjcLRt5z75WQLLXGRFjfZNReJjWGeBBeEoRz6po3nb%2BV912X8yU5nnyNey3jXsGB17KXH3KrPv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb9a68f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
magazina.json
telegra.fi/storage/trending/hourly/ 		677 KB
109 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/magazina.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87cad1473595bfb68df12efa1a88bab1ee9bc823abe24d17fe4daf42f56e20aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:24 GMT
server
cloudflare
etag
W/"62ce97f4-a9563"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqObKVMIqZg4cf1u%2BnVSfcMZOhJnwpb754IeLMNQtmutPP7aw88tzLnqV5549BzgG9Z9fqLIIs9MMbkH1eonmmJ727BrJ8Tz2J4CjTFSenqhauw8ilHkUZVfjQnASKnMRkHqBZqt2ucn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb9c68f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
femra.json
telegra.fi/storage/trending/hourly/ 		275 KB
65 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/femra.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa77cbee930eec469fb8618caf32e7bd0ddc48fa8aabb6a64065441393c9fe42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:33 GMT
server
cloudflare
etag
W/"62ce97fd-44d3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkD2%2Bb2ma7BjqQw7bK5qaj00%2B0eb7yxuylAn0NBFm21Z5s8sZVR6qQL5ve24sEOStrvUC2zdlfZ0Zr77RApjiX273Epc1H2oUaVOXWqvAhEXzRn3m3dACZpUT7Xrkv5WzrH0PLYjgJ0B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb9868f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
stil.json
telegra.fi/storage/trending/hourly/ 		242 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/stil.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2586f40a4a7a97fc0ff4eabf9dee9c3f2ea7bc7020543a317c6383cd75250fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:35 GMT
server
cloudflare
etag
W/"62ce97ff-3c8e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udrfHb1Ii7yPawep%2FOQ9j64KNnkTv3wCpJM2mWY%2B8yiAcDS8iHNJ5xez1y0AQWIa%2BKMuB%2FIZIpFDNGTWKGnS8U6vfp6wEvump4jm%2Fea%2FApWHRp5P76EdE3y7xv9C1Uc939s2cx2P8h6T"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb9168f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
shendetesi.json
telegra.fi/storage/trending/hourly/ 		674 KB
173 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/shendetesi.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec64baeb76931e678e4eba87b27d78ab00c3acbf68256769a0e58a0513162f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:30 GMT
server
cloudflare
etag
W/"62ce97fa-a8791"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3O8QY4i9QYTM2J8HhU73bZpvO%2FTZ%2Fmre5jz5Uq1vThX6WToePQV7rY93ZtaLq8GyPwFOsUItLuBu1YKjCk6NPfBzdEBBDM5QyqKlRoZTYTs1H7hjcNdLliXQ1IyD2IjE1KRApSgdkyt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb9368f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
auto.json
telegra.fi/storage/trending/hourly/ 		82 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/auto.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c5b5fee66bf0aa5b21739d714f6609177e80d00cd597f48cc1a54af43cc9d1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:39 GMT
server
cloudflare
etag
W/"62ce9803-148d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=de7BnvYD%2Fe8%2BhK1RpUq6Byz6E1icHoFRYJ3WE%2BAVMmJGe566kL0eVOwdOXU%2FCS2jWgo0mq3ke0glRyNe8SSrm5evbKe%2FGyxdF%2FG35NmW2froq3p%2FRSKbZW%2B4eaLyv6Lqixcm6p3z4IGG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb8b68f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
teknologji.json
telegra.fi/storage/trending/hourly/ 		93 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/teknologji.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d9a2e41f400cbb300a768c3dadbe135030b023c88ca6831797993d223177a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:26 GMT
server
cloudflare
etag
W/"62ce97f6-173e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBbt18ObeoCKRpAJ7x3rdlApQjJ0vGcZOAAVv0A9pvq48de4s3VQAYhMrnaG3Y2CrPrT8W1s3LIPP0Dnl%2FZMlMg62Ot17pDfhlzoWJKHgeAZ3JcnBPe2OgyZIpjkWXXhHxdtsSN5J6Zk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbb8e68f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
fun.json
telegra.fi/storage/trending/hourly/ 		76 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/fun.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec57410da13a8b8b85d7cbceb0028fe84243ee79b2e40f911ca7e9b9c978a51d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:28 GMT
server
cloudflare
etag
W/"62ce97f8-131be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqoFlhoe8TCa4MAYGB%2BETTjnNkIBxUB9yWwSy8wTv98uil1DEHM6Ibs7rFtEV6NDZJAj9xKvtUhVyLYBcyhbvOUXi4v2lTHRRNCYyuiK14r%2Br8kTQW8PJO6jxeHl1KK9a62LhdIj3i8o"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbba268f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
kuzhina.json
telegra.fi/storage/trending/hourly/ 		54 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/kuzhina.json?v=2022-07-13T10:48:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f995b1ac3daaab7b52443d2bb70f9ec7efa660dc7f6de835eb2959aa97ef145

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 10:01:37 GMT
server
cloudflare
etag
W/"62ce9801-d792"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC%2FPRxtz8PbJfKlhue0Iib5%2BvDcN3B4%2BwXAq5JA%2BqtHMpvzO2TkWSrKoz%2FGhryg4zFRo4jEw1dCBg2LvE8sM1IPrw2gCEQ9zEd%2FfhBe6E%2FVNV%2Fz5lc7xDmUHBaqT9WHiTjDAtM52bS9i"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
72a1723dbba468f7-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
1-124-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/1-124-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691ad86b13d066ed5cc6e4bbf488d9b21b0800b56c6331614f23f63622529032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5393
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9281
pragma
public
last-modified
Wed, 13 Jul 2022 09:16:34 GMT
server
cloudflare
etag
"62ce8d72-2441"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jo0mhe1cgfrIwF7OaVMg0YRChf1fcw%2BbAvYhwOyZ6igW0a4O2%2Boq%2BHtVqp4IYoGimg7K%2BoKgVAFBuJaG5l35je8jrUl4qo69x%2Bn7jtVnUb4O0AQTE5cjtTNDt3jGmPez4qO4tvRHncL0l7Sj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 09:17:30 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1723feb90bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
ferrari-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/ferrari-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a704ca7d79dc17cdd9ba143e54b1bf2689950128c1a73243d821b17f31a88618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17694
pragma
public
last-modified
Tue, 12 Jul 2022 17:04:18 GMT
server
cloudflare
etag
"62cda992-451e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9Q%2FKnmFQRzccg1fmnwdvDuqPtED9apfu887PEKeIAED7ti9q%2FX4hIyh0mqaNut4YxWYBMaP1tHzQRX9lF2UY8beAD1gC6EUUMssokdcNrABS6rngWrbkWB75cYOKpRIp8WIX%2FK5tV51jkKJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 17:05:33 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1723ffbccbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
7hghg-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/7hghg-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab70462f7fc86e581c820919171ecaaba2392a10d3019a16a33e898dbe9e205a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42236
pragma
public
last-modified
Tue, 12 Jul 2022 20:42:56 GMT
server
cloudflare
etag
"62cddcd0-a4fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JA3oJ4abDQ%2BS6IWzKWrAzA5K1qAhP%2FDGkFLIpcffsKs%2FNH4UXIY3x0nm%2ByxePF%2FH39e4KtHgj%2FDyWcwF%2FQKCcfgwBY9i5lbabmJt9qA1cCuoXO9nuOfZe0s1wjUn%2B%2FstPTUEJyjc5%2FxelEjk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 20:43:46 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a1723ffbcdbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
people-2568359_1280-380x233.jpg
telegrafi.com/wp-content/uploads/2018/02/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2018/02/people-2568359_1280-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de592619b09868359d4a54b5283a819c9f692947e12995ff9d4642ceed9d315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40247
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18781
pragma
public
last-modified
Sun, 04 Feb 2018 18:38:18 GMT
server
cloudflare
etag
"5a77531a-495d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEowRoUm18gHFnM6q8K4v6jSOfjveLssQzLk3f92St8AluSwFrS63z3nQ%2FRVq474KpWursEqngfbXUYzLyK%2FO8SVF%2FFugSIAV3zaVhi4tz5IuWwmOLG48R3pGlrwcLe81CqzritzuNiXKAEz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 23:33:50 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172401c1dbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
darwin-380x233.png
telegrafi.com/wp-content/uploads/2022/07/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/darwin-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3060f045a5b97a11ef82f4b9fa464835d619d74653edf866917128ea16c13c3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7512
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130750
pragma
public
last-modified
Wed, 13 Jul 2022 08:31:40 GMT
server
cloudflare
etag
"62ce82ec-1febe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AINFof7vL9cGOfLmlGZbtDcw81OZ2RSRJ60v2h%2BCWZJSUQ4XUBno7O0bsBwQmP5EcWKQGDvmpZC59y%2FDPIKXjOmP1kh59HkLOBTQGZllEAcVuBERuIybRduKYZ0%2F%2FocIFEXZbUIhbQB4Cvcp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172401c3dbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 08:42:14 GMT
darwin-150x150.png
telegrafi.com/wp-content/uploads/2022/07/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/darwin-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c8f58d0dcb3fa0cadc586e3d74f93015f2218404cf01e7c33b060aa2bfd1c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7737
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38133
pragma
public
last-modified
Wed, 13 Jul 2022 08:31:40 GMT
server
cloudflare
etag
"62ce82ec-94f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPuoRhli01nPQKKsvb9CQQOqw6c8Hn6asvdAarrJGnRvjMnLeSC%2Fg8p0rmVVQJvt6Nr2y%2FF%2B3y9DH%2FHg2G5JGK50UbBoqThYrMi6pSgC1ZXRO0RuiIjQ%2FncuOeCq3vItoqKBnRtUlRMq3XFG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172402c41bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 08:31:44 GMT
morata-380x233.png
telegrafi.com/wp-content/uploads/2022/07/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/morata-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2710c2ab885339bb0189863e235a09b94be061cc4495afed1d149c5a1f176ffc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6647
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
135012
pragma
public
last-modified
Wed, 13 Jul 2022 08:48:28 GMT
server
cloudflare
etag
"62ce86dc-20f64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gve0Mp441fKcPKT1OAVrQL9ZkxBI4tm9HF5NCocv0y6y6hrFJdoqTzPOjfUtRlZ99xQZdhlcjL0wjGJX7sIso5j9D%2FflwOp8VujkwJD1UAOH87oO9Xn9wmiONDEITxhRNNZpDMtvJlVf3rg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172402c44bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 08:56:43 GMT
morata-150x150.png
telegrafi.com/wp-content/uploads/2022/07/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/morata-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b38432d34fcdc4772ef5375d0d23871ad0f650dae84b0960620b4cb3de44cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6117
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37696
pragma
public
last-modified
Wed, 13 Jul 2022 08:48:28 GMT
server
cloudflare
etag
"62ce86dc-9340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1tTL1MpRsCcQGFPN%2BVNeQIXUZ%2F5KbtZaCjnMxlalSvH4wamsNjD9wRIkJMoJZGwqIl1m5VgOn3nJYeZJCsCgtOpfL4Se5KduDKffcSW4rt%2FvUGvi1xSvgFEJUHJ8Z5h%2FAv4kcVE%2Fp8eD%2FtX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172402c46bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 08:48:32 GMT
lewa-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/lewa-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ccc502e05bd3df04680ffde9c60b8aa39b1986a416e95bd28fd8c20ac6a3c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6148
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18577
pragma
public
last-modified
Wed, 13 Jul 2022 09:05:36 GMT
server
cloudflare
etag
"62ce8ae0-4891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idibu%2F8%2BBc3Qcrd3L0MX%2F78M7RlHdX%2FOx6BcdGmoQK7cdh9Sfo8N36RSEBvFoas3L6amzmQNHv4yl%2BKb%2Bhz59rb8Uc%2BQ8jFttGCz3Nt2bKmm34%2FysiI5VY4%2F%2FRowMpItCl2TUOP45dHKLKQZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 09:05:53 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172402c4abb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
lewa-150x150.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/lewa-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96fc0c6e493207d73128feeb3a8ca1f5a11c0274eddd3ee7c6f845ce6ed65e23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5843
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7188
pragma
public
last-modified
Wed, 13 Jul 2022 09:05:36 GMT
server
cloudflare
etag
"62ce8ae0-1c14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYaWdlQ7kTK4sdqVxNnCcep5uQs718IJPkWZzXWrVe%2F4H4yR1gfosq34CGqBslKxGsDkd42Eg8ssNhpVsSv1YHhLfSrTIM7uP2jQWkelevpEutwrT9Rg9BuYcDnKB9qeuSnFkbg5UUTVwVKV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 09:05:36 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172402c4dbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
utd-2-380x233.png
telegrafi.com/wp-content/uploads/2022/07/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/utd-2-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65610d6d65ccfa036081e3a43bdb130d29ab1491f43b18899ea1bb00f6ff9e54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8548
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
152470
pragma
public
last-modified
Wed, 13 Jul 2022 08:25:37 GMT
server
cloudflare
etag
"62ce8181-25396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sB94UOLcoK90C%2Fh7YRRBxSaDX9sd33mxmxFXDFqWVW5C%2B3HwzYs3jAOewIRHtGyq0d6pzbLRR0QlOhT76y1A8%2B5ztpfbbvUMcHG3XICTMr9JRZ96dLGJ2SyG4D5ndjYohERcapb7v3akG%2Boq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172402c50bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 08:25:57 GMT
utd-2-150x150.png
telegrafi.com/wp-content/uploads/2022/07/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/utd-2-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e732058a59f791d205e1c3c55843b41df607167a3abde1ee86d92e6b6c181f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8565
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42185
pragma
public
last-modified
Wed, 13 Jul 2022 08:25:37 GMT
server
cloudflare
etag
"62ce8181-a4c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHQGitBcWfGgZ4jJDHyl0k7XYRTzxpg8qka8OJA2b53%2BpCGMDe8mYARtPCU0sHKmX7jVai%2FHbGxI8YIwsipzVwx%2FoXlV0%2FZ%2F9oBwl1FfJkWR%2FdxohubqWcf1eYmyFtMDiCZrzjZ7a8QiX911"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172402c53bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 08:25:41 GMT
shuaip-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/shuaip-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af180a4a37ff0885ee05eb6e9a595f43e2a14eca137c58a9c9fc661ea47279e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
429414
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9349
pragma
public
last-modified
Fri, 08 Jul 2022 11:30:02 GMT
server
cloudflare
etag
"62c8153a-2485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWY1wD9Sku7rJTJEdT5YafHX1HTZnjOZAbWiS2VuPFeJrrD4QYOLs7G0fh9qxDLp%2B7oh2DosswOfhjBH6pGM3PhP8xnufAEpYMrAgdqHL5qy1jMdNOgdZ9zQNSEzIaqJbRRX7mjPF1x0orkl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 08 Jul 2023 11:31:14 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172402c75bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
ors-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/ors-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ba695115c4b1794814a3040ab8024e5e2a11d8f5f9bf8a56edbcf400c2288da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10084
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21900
pragma
public
last-modified
Wed, 13 Jul 2022 07:57:37 GMT
server
cloudflare
etag
"62ce7af1-558c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7v8dTHfSNrJc27Kp1cPWH%2BghQylnSMuClEH3mOMjDfA3DvnpEUeiPTTDQX3TenFwOdwOhcgjRVIuEvVaNxHMseUignG5Q2RQ4WKpxxakt2iByfVbTMtYwhgY6sh5EK07xcpQT1QGbJutWrz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 08:00:20 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172403c81bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
null
telegrafi.com/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/null
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a8f79ff49a970c149c4e4ec1b1019640e0fa1d419b85875850988c8c2cf0a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b78f%2FFUsASBEaub70Drd3UR55GhMJu7%2FOAd91E4BZdeMygh1pkRUPWADHAuKBcAhzGgpXyzx8RI9x5lCWfw4Ktgkn67r2ENsVtjsAfXOlaJAH4vq2%2Fz3YG4nR2bcPIQUtEBhrqmqeAm6WV2f"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
x-elasticpress-query
true
cf-ray
72a172403c9cbb80-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
MINT_cmimorja-e-derivateve_013-380x233.png
telegrafi.com/wp-content/uploads/2022/07/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/MINT_cmimorja-e-derivateve_013-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87efce6ebd49c72c277ef4eb36004b2ef95c94ecd101c89c386fa7621f973bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15261
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
164629
pragma
public
last-modified
Tue, 12 Jul 2022 06:35:12 GMT
server
cloudflare
etag
"62cd1620-28315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxmSNDUwG1nffhB4upTGPLcVN2okJtO3B4uhi7eqGmEMQHV67i4vCPTJ7fwQzRgQmxjmHJNujmd6ZOC%2BzlNClV0bMRyd4OhyMJpOcrMoboKagiEml73VIIE8LrU0BA9IpoYen0yDKtllioyH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172404ccdbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 13 Jul 2023 06:31:49 GMT
1-111-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/1-111-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c4c68fd162622a12e08a04842258942da46f034afabb17b18d276cb10144f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53964
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22020
pragma
public
last-modified
Tue, 12 Jul 2022 19:47:35 GMT
server
cloudflare
etag
"62cdcfd7-5604"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymLW0mNStu%2FDTt96yQUc62%2FpQOMlJaBMMR8%2BHSmJD8nl%2FsnN7erq5ZWEu%2BV8rAYWWuOT5mzMtxF5jshxbe4OJOt%2BKpNI8GXprdXfA39k4F58hyCjq6Jj9TwKiwuSsUZgwWt3%2FUdihX%2FXEbja"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 19:48:28 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172405cfcbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
covid-the-very-common-symptom-striking-after-a-good-nights-sleep-as-uk-cases-soar-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/covid-the-very-common-symptom-striking-after-a-good-nights-sleep-as-uk-cases-soar-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93597ee0a3879ad0a6c3f1036781cc8ed99dd38e6ed3d5e51549769f6b5cd74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22414
pragma
public
last-modified
Wed, 13 Jul 2022 06:47:04 GMT
server
cloudflare
etag
"62ce6a68-578e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyWpjRub%2BDXiDT1lzRV6%2FFwH14ovOzmhxNPIFMfB%2Bl3fQNxGd535PzkPJdAl%2FFGeF406EblLkFQ02JI7HLlG4e6DVDAPR35i%2FVde8sqnYOULN8POv%2F2wwYhTbZwg%2BhwE5yuG8PUQZ52b3w%2Bi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 07:32:54 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172406d13bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
1-120-380x233.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/1-120-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304f1a96d07319d2d0c8be0de2dbaf1ba94d0aa24ec55d2246136d7f87b5e5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12751
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18214
pragma
public
last-modified
Wed, 13 Jul 2022 07:14:34 GMT
server
cloudflare
etag
"62ce70da-4726"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTbTAjJPUoMrnylGZuqjHZxdHuny7RCLXInNNucW6qsI4IGBxgtCvrRffVlBYIuh9LSbsjUcUwiSWB7fZQztiYBvKUPi%2FRzsmdcA1V6Um59pLFx9VYMV8IeClSZdnqKHE9s97iv9rii29qhs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 13 Jul 2023 07:15:13 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172407d26bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
dreka-380x233.jpg
telegrafi.com/wp-content/uploads/2016/06/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2016/06/dreka-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15553cfdd897a403b496c8f94b61ac558c78b126158d0cc3ecfad5c6d8d51907

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:26 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39148
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24079
pragma
public
last-modified
Wed, 08 Jun 2016 05:05:22 GMT
server
cloudflare
etag
"5757a792-5e0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdDhnRr0FbMxOSu9lcyhFgMKAFNL3C1ghR1VoqRR7RC6e1WQ%2BYeYVGSslUn%2FyMW8r1GCpco3goTEtMt9UGXg%2FQRAk8cr549s8U9O8RsRO5AdXehqOZrh%2FE9ErmZaMXOC8Iz%2Bt0YAgDeX7uf5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 23:38:40 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a172407d39bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
csync
sync.console.adtarget.com.tr/ Frame 14CD
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=186923677972495079
0
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=186923677972495079
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Wed, 13 Jul 2022 10:48:27 GMT
Etag
62570e5211e85bda
Server
VertaMedia 1.0

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 13 Jul 2022 10:48:27 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=186923677972495079
server
nginx
csync
sync.adtelligent.com/ Frame 1403
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62570e5211e85bda
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62570e5211e85bda
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:27 GMT
Server
VertaMedia 1.0
Etag
ca25579a7f547ed0
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=62570e5211e85bda
Date
Wed, 13 Jul 2022 10:48:27 GMT
Server
VertaMedia 1.0
Etag
62570e5211e85bda
Content-Length
0
valdete-150x150.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/valdete-150x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31818a5675ca22d54c9bf2ec2deedb880513e9d7ac1ab50b52808012018aae7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:27 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46385
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4775
pragma
public
last-modified
Tue, 12 Jul 2022 21:55:22 GMT
server
cloudflare
etag
"62cdedca-12a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fawz5deFEvHb9dhGRJK4onpylUN8VxFPRpJKwI9nhitrhL0b5wL5QRdf2WwvNa6SQR2UADZQ%2BSetb5A6dYC7oxJ%2FBp7%2FxoSunRmHiaQZA0%2FbLifEKYoW61o32wM7l44XroUIMrN%2F69eAKaYV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 21:55:22 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17246bc98bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
7hghg-150x150.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/7hghg-150x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238a3f48f4f7805e1ec6a74bbe565e58ff8a14825250145053e25d00459502bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:27 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13636
pragma
public
last-modified
Tue, 12 Jul 2022 20:42:56 GMT
server
cloudflare
etag
"62cddcd0-3544"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPXJ42QaMN1eOQv2wMAdfMbNQca%2Bz7uOlwkFo357rk5JTnn%2BYNIftxAzw2SuCpPEy6YWYvW%2FKnUvKqoHogvQ8yAFnQRPHkecqAtSV89NSNeAhTtyyKuz6gNAKHRbY5c%2B0B3mWbsBJekTCCVz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 20:42:56 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17246bc9abb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
2-28-150x150.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/2-28-150x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dff8ecd169fa62eacc291f76e08b1ba0d2738f872be73148e7fb7d138e20a349

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:27 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50855
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4403
pragma
public
last-modified
Tue, 12 Jul 2022 20:34:47 GMT
server
cloudflare
etag
"62cddae7-1133"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iIJm9fBg9L0ZuDHcpaqchX5XCvLeNyxIjdSYCvFhIXsL8v4zQiclAmf2zFUqx2f7SBrX1AVlYJyobt8kVXuodFrtsNj4fGyC3E0lOZU0G4c4zrSxXPE5GXGq7wDamMge5x1FtdSbJ7%2FMQAu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 20:34:48 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17246bc9dbb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
collage-2022-07-12T223407.043-150x150.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/collage-2022-07-12T223407.043-150x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab9f91555b2ea64686089f3e2c1b194b92d474a2b2d92005d02e92d14515fef4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:27 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50855
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4769
pragma
public
last-modified
Tue, 12 Jul 2022 20:34:12 GMT
server
cloudflare
etag
"62cddac4-12a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC1ldgOXTxl4Hwx6jMWJ6GlM1lsCmM%2Fwt1hQOn%2BksRF%2FVwo0bd0oc8VAnZACyeQxvBXH%2F12sX3kLgcZn%2BQG11EOXgztyk1Gf7t4DeqgRQvrjQ1OZRNjsJT3R0Fglfng5du%2BBjInpj%2FJC4xKR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 12 Jul 2023 20:34:14 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72a17246bca0bb80-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegrafi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://telegrafi.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Wed, 13 Jul 2022 10:48:32 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
bid
central.gjirafa.com/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/bid
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
123d5bb068d6e47ee6e2abce8a76be062be77c7fd71dfdfb59c87d2a0def6e84

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 10:48:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnB5psUC%2BUVTHd9xgBLMoNPnfqZpSnDSKllL7qvGT%2Fp1ZuMajryRKwH5aVYf8dM%2BAMbjnC1H0%2BOBS9ATU3G9qTYKX7%2FP55lSklhQbGyI3Nt8tdSCUGwjr9KdmhKuCUvMb2PvSbA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
72a172612c0a9b7c-FRA
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Jul 2022 10:48:32 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
/
ghb.adtelligent.com/v2/auction/ 		6 KB
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
7a4d29dce5519df2320fce5517aa7f2bcbab836da8c03e9303c3e2f4aa822fa6

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Jul 2022 10:48:32 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
704
prebid
ib.adnxs-simple.com/ut/v3/ 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
f38b0ea3442870ad5a94f7e3ae1903b9914b34b816574364a06c867093cf8c05
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Jul 2022 10:48:32 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
34865d72-a053-4675-8530-ae225b036f37
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
brightcombid.marphezis.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.132.155 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Wed, 13 Jul 2022 10:48:32 GMT
access-control-allow-credentials
true
server
nginx
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		714 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftelegrafi.com%2F&CanonicalUrl=https%3A%2F%2Ftelegrafi.com%2F&PublisherDomain=https%3A%2F%2Ftelegrafi.com
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 -, , ASN (),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
54a1769eb2da0d19c46a5d8f8b05f0673c50d9f075db89e859f9bf3e49e685f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:31 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
166
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
714
expires
0
/
hb.emxdgt.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1657709312177&src=pbjs
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.38.241 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Wed, 13 Jul 2022 10:48:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
ib.adnxs-simple.com/ut/v3/ 		50 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:32 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid
658969f8-1a46-470e-9604-faacf6b91988
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		926 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=124&profileId=185&av=34&wv=6.6.0&cb=74672885988
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
bbe175c94acefb8dffdaedb5527afde6c8200c8803ad6054cc6e9629e8f43f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 10:48:31 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
336
openrtb
adx.adform.net/adx/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.194.177 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Wed, 13 Jul 2022 10:48:32 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.194.177 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Wed, 13 Jul 2022 10:48:32 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.194.177 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Wed, 13 Jul 2022 10:48:32 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.194.177 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Wed, 13 Jul 2022 10:48:32 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.194.177 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Wed, 13 Jul 2022 10:48:32 GMT
access-control-allow-credentials
true
vary
Origin
v1
prg.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:31 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:32 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:31 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:31 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 10:48:31 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
events
bidder.criteo.com/csm/ 		0
214 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Jul 2022 10:48:31 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?gdprapplies=true&countrycode=DE
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.83 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:32 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42744:time[url:%2F,device:desktop,user_id:502fbeab2.0717eeee7_1657709304054,cdn_version:16]&s=32beca58aa16265a6b5b96b238fd99e0&1657709314073
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.111.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 10:48:34 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
graphql
s333.adxpremium.services/ 		84 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9db129efb627cfb1f4f12fa5e2bd5a36c08adf9bb810e8f3270f34192fe636f

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 10:48:35 GMT
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length
84
graphql
s333.adxpremium.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegrafi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-allow-methods
HEAD, GET, POST
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
content-length
0
date
Wed, 13 Jul 2022 10:48:35 GMT
x-graphql-event-stream
/graphql/stream
/
onetag-sys.com/usync/ Frame A704 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame BC09 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.234 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://telegrafi.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 10:48:35 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 474C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135114
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 10:48:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:20:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
d
ic.tynt.com/r/ Frame 332E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Wed, 13 Jul 2022 10:48:36 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
check.html
biddr.brealtime.com/ Frame B015 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
5277
CF-Cache-Status
HIT
CF-RAY
72a172798886bbbf-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 13 Jul 2022 10:48:36 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Wed, 13 Jul 2022 11:48:36 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
TZDfxO4uwORNUA/4irnRs9qqp9lI3eH+ruz8qqqAX5jBwgQ1rzgBbhsPKs2FgAnYzrbwWSW5JnM=
x-amz-request-id
15DYQDFYDGXZWWWF
PugMaster
image6.pubmatic.com/AdServer/ Frame 474C 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11993093&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 10:48:36 GMT
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5EA7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=135114
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 10:48:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:20:30 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DF2D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 10:48:36 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 13 Jul 2022 10:48:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 664C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame BC09 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:36 GMT
Server
VertaMedia 1.0
Etag
ca25579a7f547ed0
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame DF2D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
589d8a32de0ea0de516e7447459846018c47d35b6109588e4bfe5d669409a4a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 10:48:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64134
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Thu, 14 Jul 2022 04:37:30 GMT
khaos.jpg
token.rubiconproject.com/ Frame DF2D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| globalAmlAds object| dataLayer object| bp object| playerSlots string| playerCdn function| gtag string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| _classCallCheck function| _defineProperties function| _createClass function| Sticky function| Zuck function| ZuckitaDaGalera function| ZuckJS function| close_video_ad function| avideo function| putReklamatBack function| injectfokus function| closestForFokus function| volumeControlFN function| nativeClick function| hasExternalLink function| deleteVideoPopup function| processNative function| processFokus boolean| isMobile function| Swiper function| __tcfapi function| __uspapi object| _taboola object| googletag object| _io_config function| fbAsyncInit object| TWAGORAINARTICLE object| admixTMLoad object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| __io object| ggeac object| google_tag_data object| google_js_reporting_queue object| hb_dmx_res string| reqCountry number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| condLabels object| adUnits object| pbjs function| initAdserver object| domHelper function| triggerIframeLoad function| triggerPixel function| pbjsChunk object| _pbjsGlobals object| _qevents object| Adform object| _adform object| adformtag object| _fscope object| __tagmanjsonp__ object| DMVAST function| AdPlayerPro function| playerPro object| TRC object| _tblConsole undefined| msg object| admixTM object| FB object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| iFrameResize object| ProjectAgora function| postscribe object| google_tag_manager_external function| onYouTubeIframeAPIReady undefined| google_measure_js_timing function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| regeneratorRuntime function| __tcfapiui function| fbq function| _fbq function| ClipboardJS object| Article object| Breaking number| screen_width number| screen_height function| calculatePosition function| popup function| fbShare function| twShare function| menuShare function| viShare function| messengerShare function| linkCopy function| videoSwiper function| storySwiper function| initSwiper function| swiperInit function| changeGalleryImage function| initGalleryImage number| fokus_offset number| offsetBy function| string_to_slug number| timeIndex object| shifts function| timestamp function| stickyAd object| stickyContainer undefined| sticky function| _calculateScrollbarWidth object| Menu object| ModuleTrending object| MostRead function| decodeHtmlEntity object| Related object| SocialCount object| Stories object| Tabs object| Trending object| ZgjedhjetKomunale function| empty function| htmlspecialchars_decode number| l_left number| t_top function| triggerPopup function| getQueryStringParameter function| updateQueryStringParameter function| getCookie function| subscribeSubmit object| wp object| excludeIds function| webpushr object| biskoInitializer object| bisko object| gjdmp object| biskoQueue object| criteo_pubtag object| criteo_pubtag_124 object| Criteo object| Criteo_124 object| criteo_syncframe_state object| jQuery111003585676684688237 function| loading undefined| _adform_cb_1657709304601_44748482119858846 object| google_optimize object| webVitals function| HTML5Player function| BPlayer function| BPlayerUI object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady undefined| _adform_cb_1657709304763_9851052392498931 object| heatmap function| _webpushrExecuteHooks function| _webpushrSetCookie function| _webpushrGetCookie function| _webpushrBrowserSupport function| _wp_registerServiceWorker function| _webpushrCheckPermission function| _webpushrGetPrompt function| _webpushrNotificationPermission function| _webpushrGetPromptDisplayTime function| _webpushrShowNotificationCenter function| _webpushrShowPrompt function| _webpushrShowCustomPrompt function| _webpushrShowSubscriptionBell function| _webpushrRenderCard function| _webpushrShowCard function| _webpushrNotificationTimeToLocal function| _webpushrPermissionResetInstructions function| _webpushrPromptAction function| _webpushrToggleEditNotificationPopup function| _webpushrTrunNotification function| _wpCheckSubscription function| _webpushrRequestPermission function| _webpushrSubscribeNow function| _wp_urlBase64ToUint8Array function| _webpushrSendSubscriptionToServer function| _webpushrPromptImpressions function| _webpushrNotificationCardLogs function| _webpushrSessionLogs function| _webpushrDisplayPrompt function| _webpushrCustomPromptEvents function| _webpushrBindBellEvent function| popup_notification_clicked function| _webpushrShowSubscriberCount function| webpushr_display_button function| webpushr_display_toggle_button string| applicationServerKey object| _wp_prompt_info object| q object| WebPushr object| d1 boolean| _wp_is_safari boolean| _wp_debug object| publicMethods function| checkRemotePermission string| today function| html2canvas function| _open object| admixerC boolean| pushed object| aml object| data object| default_ContributorIabCcpaWebSignalJs function| __djmt020195__ object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| prompt_wrapper object| elePromptLogo object| eleApproveBtn object| eleDenyBtn object| eleCookieInfo object| eleCookieGoback object| eleClickinfoCookie object| eleCookieinfoData object| eleBellPopup object| webpushrUnknownBtn object| webpushrOffBtn object| webpushrOnBtn function| arrive function| unbindArrive function| leave function| unbindLeave

113 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: 3c3614fa64574cc8923cc491eae08509
telegrafi.com/ Name: uid
Value: M1NW9GLOovdyJiYTuSCKAg==
.ads.futureads.io/ Name: am-uid
Value: a5fcba050c7c4e63864a764e9984acbe
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 186923677972495079
telegrafi.com/ Name:
Value: store.test
telegrafi.com/ Name: _io_ht_r
Value: 1
.telegrafi.com/ Name: __io_d
Value: 1_705468254
telegrafi.com/ Name: __io_lv
Value: 1657709304053
telegrafi.com/ Name: __io
Value: 502fbeab2.0717eeee7_1657709304054
.telegrafi.com/ Name: __io_session_id
Value: 21854aed7.8887995c2_1657709304054
.telegrafi.com/ Name: __io_nav_state42744
Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22telegrafi.com%22%2C%22previousDomain%22%3A%22%22%7D
telegrafi.com/ Name: __io_unique_42744
Value: 13
telegrafi.com/ Name: __io_visit_42744
Value: 1
.telegrafi.com/ Name: _gid
Value: GA1.2.1734121124.1657709304
.telegrafi.com/ Name: _ga_VLYQGEH6F0
Value: GS1.1.1657709304.1.0.1657709304.0
.telegrafi.com/ Name: _ga
Value: GA1.1.2040249995.1657709304
.telegrafi.com/ Name: _gat
Value: 1
.telegrafi.com/ Name: _ga_GGFDBX585G
Value: GS1.1.1657709304.1.0.1657709304.0
telegrafi.com/ Name: am-uid
Value: a5fcba050c7c4e63864a764e9984acbe
.exchange.buzzoola.com/ Name: uuid
Value: 807727de-ffb1-4357-7dbf-8a4e7fcaa753
.adnxs.com/ Name: uuid2
Value: 5528122310733549132
.telegrafi.com/ Name: _fbp
Value: fb.1.1657709304912.1153843064
ads.us.e-planning.net/ Name: CT
Value: 1
.casalemedia.com/ Name: CMID
Value: Ys6i.ECuMi3VTmiGsMFpgAAA
.casalemedia.com/ Name: CMPS
Value: 5135
.casalemedia.com/ Name: CMPRO
Value: 5135
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2ImHvx/1E!@wnfH8KVeQJ4!t=0QaB2RK=0cxoP`7T?#4gm3jZ/lpHp/m>BpdFcnw1=8@Li=^8V/X%W#.wL4W1Qw2iWjn`U
.e-planning.net/ Name: E
Value: AEMDRDDBcfVjlVcL
a4p.adpartner.pro/ Name: apuid
Value: 32ce30ec-324d-446d-8fd6-028b5129a2d4
pa.tns-ua.com/ Name: uid
Value: Z12E6394C6AB486BB18894D04A34E2CB
.yahoo.com/ Name: A3
Value: d=AQABBPiizmICEPDT3iO1ACiXNZKvs8sGzegFEgEBAQH0z2LYYgAAAAAA_eMAAA&S=AQAAAmnsWkT2mQmpXAgeiFEXC4A
.bidswitch.net/ Name: tuuid
Value: b4fdc90e-5e78-46aa-98d2-effe521895f3
.bidswitch.net/ Name: c
Value: 1657709305
.bidswitch.net/ Name: tuuid_lu
Value: 1657709305
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 5cbcf275-b31c-52c2-918f-bb5af34119a3
.betweendigital.com/ Name: ss
Value: 1
.creativecdn.com/ Name: u
Value: YXN7aHyYsWIs5vPs2uLn
.creativecdn.com/ Name: ts
Value: 1657709305
.adx.opera.com/ Name: UID
Value: 19035b9f63d54527bcbab9170864bf63
.analytics.yahoo.com/ Name: IDSYNC
Value: 1985~25zm
.betweendigital.com/ Name: ut
Value: Ys6i-QAAlHB12YLp0_AYwktn4656bID1Ae2Arw==
.quantserve.com/ Name: d
Value: EAMBDQHNJv7KwQA
.quantserve.com/ Name: mc
Value: 62cea2f9-0fd4d-e6407-8894f
.zeotap.com/ Name: zc
Value: dc9656c9-b4c5-479e-4b6e-502d4babe100
.casalemedia.com/ Name: CMST
Value: Ys6i+WLOovkA
.admixer.net/ Name: am-uid
Value: 3c3614fa64574cc8923cc491eae08509
.w55c.net/ Name: wfivefivec
Value: 8HoJCylQ1ObzUR5
.w55c.net/ Name: matchcasale
Value: 5
.lemmatechnologies.com/ Name: uid
Value: 52442b0e-0299-11ed-9598-801844df0ab8
.yandex.ru/ Name: yuidss
Value: 3878327321657709305
.yandex.ru/ Name: yandexuid
Value: 3878327321657709305
.adfarm1.adition.com/ Name: UserID1
Value: 7119807251255851151
.tapad.com/ Name: TapAd_TS
Value: 1657709305245
.tapad.com/ Name: TapAd_DID
Value: 07f3ea05-5353-47f1-9050-c2a0374095ff
.tidaltv.com/ Name: tidal_ttid
Value: 114c1a0a-dfe1-45ea-b979-9e540808fd51
.weborama.fr/ Name: AFFICHE_W
Value: JG@r2zEe4b8k20
.demdex.net/ Name: demdex
Value: 31926936000866726094050903290960242782
.theadex.com/ Name: axd
Value: 4299700783325679954
.theadex.com/ Name: tis_jQL
Value: jQLeArwy
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjQ3tzK0MAIA3RMctQkAAAA="
.dpm.demdex.net/ Name: dpm
Value: 31926936000866726094050903290960242782
.agkn.com/ Name: ab
Value: 0001%3AoZD2AGeNfjnw9Z0x4ODCtj2r3M3GcjxN
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.richaudience.com/ Name: avcid-zeo-uid
Value: dc9656c9-b4c5-479e-4b6e-502d4babe100
.doubleclick.net/ Name: IDE
Value: AHWqTUlnohuAJATU_MaqxX3nxHUXJLMtmuLg9hwWt1dZV7dC8-P2nGpJl95A49iSGYo
.krxd.net/ Name: _kuid_
Value: O9F885IU
.mathtag.com/ Name: uuid
Value: ccc162ce-a2f9-4400-957f-715ec1ebffdf
.company-target.com/ Name: tuuid
Value: ce93922d-f60d-4399-ad60-10496c53bda1
.company-target.com/ Name: tuuid_lu
Value: 1657709305
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ys6i_QAP_xUYAQA2
pool.admedo.com/ Name: tuuid
Value: 4a3b6cc1-cb91-430f-bd81-38bc70a0b3e1
pool.admedo.com/ Name: c
Value: 1657709305
pool.admedo.com/ Name: tuuid_lu
Value: 1657709305
.openx.net/ Name: i
Value: 9a26a0ac-891b-4151-95d2-847901bb9857|1657709305
.csync.loopme.me/ Name: viewer_token
Value: ed11beac-a887-4694-bc0d-d91cf4334b38
.zeotap.com/ Name: zsc
Value: %88%09%04Z+%ECN%03%93%0D%3D%DA7yH%14%91%BE%3A%16%A5%84%D2%02%D9M%25c%C3%9A%06%FFV%C3%9BH%8C%E7%B5%40%2C%3E%F8thRGh%C8%21%3A~.TU%BE7%EED%1E6l%83%8A%C1%21%90%8E%12%5E%3E%7CW%B8k%CA%13%11%19%A3%E3~%F5KE%EC%40r%B7%E0RS%3B%CB%C7%BEa%B7%5BG%E4D%EEw%FB%E0%08%C2%BD%E8%E1%8B%F1%1C%05%90%00%E4%8D~%9EV%BD%B9%1EP%11i%AE+%09%A9%B1%C3%CD%B2s%A4%EC%0C%7B%D0%D2c%CD%3A%DF%EB%12%5Cy%B0hZ%8C%3F%81R%F3%06%EC%9CE%E1k%A4%8D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5ce69f38-0e46-4fb3-abfe-929b7371af19-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.360yield.com/ Name: tuuid
Value: 0c7d51e7-b467-4627-b26e-4914d9492eed
.360yield.com/ Name: tuuid_lu
Value: 1657709305
.casalemedia.com/ Name: CMRUM3
Value: f162cea2f905a0&2d62cea2f905a0CAESELj62gLqi5SBL9V6xjIYa3Y&4962cea2f905a0&b062cea2f905a00&2962cea2f905a0&9862cea2f905a00&c362cea2f92760av-0c302616-a143-4443-a09f-99d5f1eda58d&0462cea2f905a0&8262cea2f9a8c0&2f62cea2f927608HoJCylQ1ObzUR5&1262cea2f92760ce93922d-f60d-4399-ad60-10496c53bda1&2e62cea2f905a0&5a62cea2f905a0&6962cea2f905a0&2762cea2f90b40&e662cea2f92760
.gjirafa.com/ Name: __gjci
Value: a1b6ce7d05f441f59efc4f78123204a2
.gjirafa.com/ Name: __gjbi
Value: c603bd02c08c47f7b42e12ae1a6e11aa
bisko.gjirafa.com/ Name: __session
Value: 4ee9c2b951da465984e1479dcfa68f0d
.simpli.fi/ Name: suid
Value: 5531495DEF784AAA9916909CB43F5844
.turn.com/ Name: uid
Value: 3024677144009176105
.fwmrm.net/ Name: _uid
Value: "e4cac_7119807251250670977"
.bidr.io/ Name: bito
Value: AAEaxE7FnUYAAA-CxqF0jA
.bidr.io/ Name: bitoIsSecure
Value: ok
.adtelligent.com/ Name: a584890
Value: 5528122310733549132
.adtelligent.com/ Name: a319130
Value: ed11beac-a887-4694-bc0d-d91cf4334b38
.adtelligent.com/ Name: a307971
Value: AEMDRDDBcfVjlVcL
.adtelligent.com/ Name: vmuid
Value: ca25579a7f547ed0
.adtelligent.com/ Name: a307558
Value: 32ce30ec-324d-446d-8fd6-028b5129a2d4
.adtelligent.com/ Name: a297253
Value: 5528122310733549132
.eyeota.net/ Name: SERVERID
Value: 18026~DM
.adtelligent.com/ Name: a309255
Value: 7054103a-9903-4d4f-a488-8c84e4c76927
.adtelligent.com/ Name: a289656
Value: 0c7d51e7-b467-4627-b26e-4914d9492eed
.adtelligent.com/ Name: p440467
Value: 3c3614fa64574cc8923cc491eae08509
.audrte.com/ Name: arcki2_adform
Value: 186923677972495079!20210804!1657709306034
.casalemedia.com/ Name: CMTS
Value: 5151
.admixer.co.kr/ Name: __auid
Value: 12969a38c6a9848ead4b4d00285ec4e2
.admixer.co.kr/ Name: __puid_103
Value: a5fcba050c7c4e63864a764e9984acbe
.admixer.co.kr/ Name: __id_utm
Value: 20220713
.admixer.co.kr/ Name: __id_inf_103
Value: 0_a5fcba050c7c4e63864a764e9984acbe
.audrte.com/ Name: arcki2_TTT
Value: 1657709306146!8h56piAqn6eQMaG5CF0a8U3ig!H4sIAAAAAAAAAB2WS7Jepw6FB7PbVIF4Sc00buNWKmmkMgFAaP5DyMfvhn1ss0FaWg/lcaX6OsnlWqqxVzIpK22rx3t1ibK/3XZb5p720p5aviXtKpVDnOo+b8vxlZ0lejtJ2tqp3eLJbuTUfEQtJ/oO+/TEqsIlt0pLrY6R1q0lDbW4p+xyZ/5q3KgzTsojeqoWlmysm9zK7W1kNS9f2J5Xyk1tiSX+VdIyoXDtxefKs971ye1H7Ug6d3Bo35520Z24Yqv3uDv6Z9dWW2OnFVNT1W5pndGTnVHmLe3mFt+odeejOc1sFG53p925Ts/Mdfs85vqNM+IOpaZsIzVpPa0eHA/p5ZSc92rfzleamiZfFTDLGcnWrknbqsPWuCrxdfUC8i1NrVx3uc5AJw3Jvs9ZLXR8416XJjN1EEmtb6Vmn0lrzXff7Hmfb6oKoPKv/MQhDwbcTyq1WbjsUm/5vFmJQzvhg+esBgMeOR1ocLN27q5fc1jQKLfPQ0+NQ2oCc+5dJ8r0FfqtEOpcnviuAIFvZsdzfhhRrNMDxO+5Mr2ulL1OIMiQLucMBOHVdtfl/l0rGfq1tFblubkAu7ScVub6TUuq9vE+bBsw88K8duqgzwMz8+lN196641tn7jkWN4mAeINUe5+dotY56jygeL/pFmI8N6vzXN4wc/PwLQx0+7AI/1ab++RqaVQeeapIa/Sd5PTTvNTgCmaHCoo2IKzwyZVyCnciDx9beoZKgNl0P4hEHliex1PTSrPAuaznuJRvvhtmFwhSERLoc+is1IfbaYpwIz7X1uDMTbYfmMckKSKACm1Nj9HztU9CDbq0NIzGm+yTlIEzwLYnFeZ657dLD3Fk3oLZtvv4pJYTGs/dJvqW+llv897jKHhxyHt7kutwMEuGfavM/lNw6wbOWsZzAMopnkHkNFPZ1pp+Z2xdMsFxHGbnQp9zW7rh7TatkTlU8YgeoHOO/A4x6rofR4cowsVaAi8oBilqGncwO0BO1gFTZlM0rptfH0KG7L3CAjTS1EGsw3HIey3GmCjxkw6xBD7hTBxCIkk90+LIQzf911k/iE5HCk75/TYhgAJEGkVKkVsNn/iW6joiAeJK4Zua1sqYzIjsq7VnQZ9hXrf2SI/sqfZZwKlW7EpnzXLi1Pl18L6H/5KZ/RV+aKE+93XjEaWA+VEfI6Znw7IY4PNxPDCpjm5RfE3xL98+4URLYZPuZntgwOZt/LGLjLru5xl19tlSgYKvxfZ8/OKu56ABLIzCQ3b2wac1Y1L1PPoi75Tx/di+eW9+VOahTZKXR5XMddugvC7ckG+mnYKxQsB+PeFscByXTLsxG80dtXUvCgRAdMuCubYHYA7yynSgljCtSxqmoZ/eQNWiSWgHxHH8NeymsooAp3a0/j2LyNhx6ndhh2txSMC2R93GDz3L+qIddw1PA99gLDBrvYA5vdORix2czpsrE6fS8MIhXbAA+m2HAXhxaOSvIbzxep7xXEV+9C0Td9wXZA68ITYGCbpaSedn0YF49xPPQGkdEOH2+TDJtsAMXZOH2Mdz3ztTEJnRhzozw3rU6IHZ9edPmfjVSVQ9xcn1NifWc+vcesrLrpdSldzfJyZpqw5yw4e0r5e9syF+u6+mSjJqh3RrNxaGh9Xd39F1W4f+sA8qlMAzR+OvKnKqCSFev////dcf//z5v3+5BBODw8PKh+ggEME8ZDKrXl56X4h9KWDpxXGwGhGDyQc5kI9N1jPSK6kca6TuyDT0+baC8VCjBofKeqaFnzxvuPtlYCHicd2MKz5nfGtHL4iRjYIWVQzp75ZJpTWWq6ROBDEhJKAdo7OYgZTKU/33dowMX5kQJK2V3cU6CBtPyMD1Q/J34qLelwuGweBH9nYTIXX8Fl0VJ/HvnHxk4MEynt8IBqKyFi1IDVTZhrevKq0V229V4pANWlhQPNYdGY2RBPqFHvSWa8rnBY5huUQilpsLwVKoyvsHMfLagdX4c9uAOvZWvscYkB+IXz/JG7dbhT3guW2vz09ADGIiJedUlI8gXzfAiZB8WeLsJvIQB3s5EJ8dBj/CCPwtiuyFQNA8rQLJujVare0XE3ImqTKp6e2NJMNvNxkp53vwbih27rf75nO+J3lwkS75xQTdGVXcVeutjOUcDOE5J5xJFc0kc0yr4yyZbGZO/WPkh6/Y4d4C1Jw1dTl8yrhaCzTrjcwtucdmI9m92asJMU6oEsBGTr0m2ifrkJvlvG0RI4VkzBbEBHqzccYjz38u2kfgWgsAAA==
.audrte.com/ Name: arcki2_ddp
Value: CAESECL4Nj5M8bxOFSpauiYT8wA!20210804!1657709306252
.audrte.com/ Name: arcki2
Value: 8h56piAqn6eQMaG5CF0a8U3ig!20210804!1657709306503
.console.adtarget.com.tr/ Name: vmuid
Value: 62570e5211e85bda
.console.adtarget.com.tr/ Name: a307457
Value: 186923677972495079
.adtelligent.com/ Name: a318342
Value: 62570e5211e85bda

8 Console Messages

Source Level URL
Text
javascript warning URL: https://adx.adform.net/adx/?mid=621729&rnd=native1
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.adform.net/banners/scripts/adx.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://adx.adform.net/adx/?mid=621729&rnd=native1
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s1.adform.net/banners/scripts/adx.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=dc9656c9-b4c5-479e-4b6e-502d4babe100&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dc9656c9-b4c5-479e-4b6e-502d4babe100&reqId=1616dcf2-d06b-4183-63a5-294f17092122&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://telegrafi.com/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.futureads.io
ads.pubmatic.com
ads.us.e-planning.net
adx.adform.net
adxbid.info
aghtag.tech
an.yandex.ru
analytics.webpushr.com
ap.lijit.com
audit-tcfv2.cmp.quantcast.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
biddr.brealtime.com
bisko.gjirafa.com
bn01.er.bemail.it
bot.webpushr.com
brightcombid.marphezis.com
btlr.sharethrough.com
c1.futureads.io
cdn.admixer.net
cdn.onthe.io
cdn.taboola.com
cdn.webpushr.com
central.gjirafa.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.analytics.yahoo.com
connect.facebook.net
creativecdn.com
cs.mobfox.com
csync.loopme.me
d.adroll.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu6.heatmap.it
eus.rubiconproject.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
gjstatic.blob.core.windows.net
hb-api.omnitagjs.com
hb.emxdgt.com
i.e-planning.net
ib.adnxs-simple.com
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
match.adsrvr.org
match.deepintent.com
match.new-programmatic.com
match.prod.bidr.io
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
pa.tns-ua.com
pahtuo.tech
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
ps.eyeota.net
quantcast.mgr.consensu.org
region1.google-analytics.com
rtb.com.ru
rtb.openx.net
rules.quantcount.com
s.adtelligent.com
s.amazon-adsystem.com
s.company-target.com
s.console.adtarget.com.tr
s.e-planning.net
s1.adform.net
s1.v-player.net
s333.adxpremium.services
scripts.futureads.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
serving.stat-rock.com
spl.zeotap.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.extend.tv
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
telegra.fi
telegrafi.com
test.cmp.quantcast.com
token.rubiconproject.com
trc.taboola.com
tt.onthe.io
u-ams02.e-planning.net
u.heatmap.it
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
104.111.215.191
104.17.120.107
104.18.18.126
104.18.19.126
104.254.151.36
104.26.0.156
116.203.211.129
142.250.185.226
142.250.185.98
146.0.227.108
146.0.227.110
149.202.74.47
151.1.205.165
151.101.194.49
151.101.65.44
152.228.222.122
159.69.141.123
168.119.149.178
169.197.150.7
169.50.137.184
178.250.0.165
178.250.2.83
18.196.115.149
18.198.69.109
183.110.238.136
185.15.245.81
185.184.8.90
185.255.84.150
185.29.134.244
185.46.149.20
185.64.190.78
185.64.190.79
185.89.210.90
185.89.211.85
188.40.115.111
188.42.191.196
193.200.65.6
194.247.175.26
199.115.119.227
2.18.233.201
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.234.175.175
209.205.197.154
212.129.3.113
212.82.100.182
213.19.147.45
217.65.2.150
23.205.235.133
23.227.139.243
23.227.146.18
23.227.146.234
23.35.236.201
23.75.240.210
2600:1f18:6593:f602:96e:5500:bf36:df5c
2600:9000:2057:f000:3:a4cd:8380:93a1
2600:9000:206f:4a00:9:46dc:4700:93a1
2600:9000:206f:4e00:6:44e3:f8c0:93a1
2600:9000:206f:6600:9:46dc:4700:93a1
2606:4700:10::6816:1957
2606:4700:3030::6815:1b4
2606:4700:3030::ac43:c0ad
2606:4700:3031::ac43:a8b4
2606:4700::6810:7daf
2606:4700::6813:ac6c
2606:4700:e2::ac40:8115
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:803::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9c
2a00:1450:400e:800::200a
2a02:2638:1::3
2a02:6b8::90
2a02:6ea0:c700::11
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:24:b002:d4fc:f527:7aed:872f
2a05:d018:d29:3602:d584:42d3:abd8:529d
2a06:98c1:3120::3
3.121.27.153
3.126.56.137
3.33.220.150
3.64.108.197
3.67.149.72
31.28.167.114
34.111.131.239
34.192.82.213
34.199.163.65
34.204.132.155
34.204.146.63
34.248.26.113
35.157.194.177
35.159.35.35
35.173.74.115
35.210.53.219
35.227.248.159
35.227.252.103
37.157.3.30
37.157.4.25
37.157.4.28
37.157.6.235
46.101.145.111
46.105.202.39
46.249.52.249
5.178.65.246
5.178.65.252
51.75.86.98
51.83.220.94
52.239.139.164
52.31.203.171
52.46.155.104
52.59.38.241
52.95.115.196
54.155.65.255
54.171.137.8
54.220.48.180
54.229.14.30
54.89.128.231
63.251.232.165
63.34.119.235
64.225.44.23
64.227.60.121
65.9.66.122
66.155.71.149
67.202.105.34
69.173.144.138
69.173.144.139
72.251.249.14
8.2.110.114
8.2.110.206
81.17.55.113
82.145.213.8
83.222.114.186
85.114.159.118
95.217.114.174
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7
0191a4319fb580af4bce2c8c7d3b24506fda7c4bf353bfebd47338c02772f791
044316373e018c29ee8a1138fdaac42494514f8f7da4e89da024de6d568a50f9
072e9850774236e199dadc50f2e72ca2e89d1edc9b955cbafcdf6bdf6959afcd
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384
08a419097a34d430f2196d91303f50dde25ca85c21af4a34b17df245d5c97381
0957311c8318f0d2498805c7bccc65cd0c86c643e12ed83031452e5f91152e4a
0a180e57c8c3e68dca64c124c13a119bf547aa1f516d6eb16a8c224469de07b7
0a87427ac209e07ae49c05fd46a04f9eed7a0b8c9d5b8c85bb7700d72640e840
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d59f6d440aa389beeb64a47c6eea69e475e757c769e1f2eacde2c5ad1611f77
0ddb33c5357ea6bffbb48ef3e384b9a3011a7c09e81cac8e58909b190a42fdf4
0e1548f442801895a837c8c9d4d61a52592b674dc7c3eff735c3f75d2bc5a262
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11364d0061c53e3b2f6c0ce2fa70d7961f0d06fe5939d3aadb4e8467fac1a980
11bbe12f07e2a377919a4aecf542a8af006b6f7c5be189a15f75a9ed6062a14f
11c394fe3a9ca0ddd99fc11e649c1bbf7870ff6fcb801e7820aad36de044ecee
123d5bb068d6e47ee6e2abce8a76be062be77c7fd71dfdfb59c87d2a0def6e84
136ddf394493465215aa32a08a1725c1ec56e73808070bf34d275a2ea5276c30
13ba2c6b79b0dc71071075e9a023422bc6efbeb962680ecbaf1f7ddd0efb8387
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
14eec7295e73242aff774c5b71962ecf640f4bcda0ce68df52a283c8e970613f
15553cfdd897a403b496c8f94b61ac558c78b126158d0cc3ecfad5c6d8d51907
1558dd08491401e8c243d7a95071d576fe60d044158e6a0066a53a4b37e68e7e
1563725efea0b242461be6f0c95fc0ccd831d4ad697b13e0314563afa08248be
158247d9db7d1660e068afffde76af9d9b79689585551e45a00abae2c5cc9bbc
15b8a67c0bf56f37c1f28f00fbca7cc214b5102ff617a8089e38fa092e4a9c52
16f6d03b79037c7fc9840607c6cfa94a25e2aa70f6e67eecfc7e1f992343f997
199fb21b3ebc707aa9045279d3f380910ebe9194b8f4afc54d85ba28e1ee715e
19c18de6057fc7ffd54c5692ff29eb8ff65b4714f5852e9a94d844c3f752f061
1b075484913a2680cf7083c958be659a120f367ed7081a647ddc9461782341c8
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1f995b1ac3daaab7b52443d2bb70f9ec7efa660dc7f6de835eb2959aa97ef145
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2052a98d21f5e81883d8cff9c8568c640c7fd32c44a7046f52fea5d5c2bb9746
20df0d19a2a73656afafb4db8817570968c3f9208cb2be2695531b850692428d
23215c2c28bbe8e3ea1982d6dddbe2580fd33e82d2c98f2e202b370a46cb0d91
238a3f48f4f7805e1ec6a74bbe565e58ff8a14825250145053e25d00459502bc
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
24a0c0c9a82cb09d51fcba33f758195b55fd1f5637d673d63739ba66c355f6e9
2586f40a4a7a97fc0ff4eabf9dee9c3f2ea7bc7020543a317c6383cd75250fb5
2710c2ab885339bb0189863e235a09b94be061cc4495afed1d149c5a1f176ffc
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
284e2caf9a7bf81759b1c6bbafe4f8b64ac8e611a94e8380f0442ce2c0fdc8cb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2cc096b6c033c55a963e040106ca8d1b26bb0370eb3044bda1a86fe80d912040
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2daae0c04eed05f051bccd667c1defc815d84ebd5474f897300d84fbf71b4104
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e732058a59f791d205e1c3c55843b41df607167a3abde1ee86d92e6b6c181f2
2f214d9a0777b80deaaa0c058960f74c1e9a9bcc19a386d816e69c0b9b4e3477
304f1a96d07319d2d0c8be0de2dbaf1ba94d0aa24ec55d2246136d7f87b5e5dd
3060f045a5b97a11ef82f4b9fa464835d619d74653edf866917128ea16c13c3e
31818a5675ca22d54c9bf2ec2deedb880513e9d7ac1ab50b52808012018aae7d
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
322c6f260c65efe226ff992107dd9f6a23a179ed5860c86e313a9c577fd0b77d
327a358dd32a68dd2ee27bd9e11e2590ed13a666b11a59a95c79d858ff02775d
372cf6345a8ee5bc7e305fdc44c5ac7e484c1395580a2a9916d3784dc3eb5d97
373b6532bc126002fc997f7cac58e00c53ad55e1d9917dcdc962ede7f7d8fafc
382155cf8d19f23bb0b53d6e13c0c80dee303ea4e25c2cd21aa213ca77eb7ad0
3d3ac56ea7009181cb686ac18512efc3c94e6509c3920cea8e768c12fcfda6d1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f47780ac6a0cd5da2d08e3d14d6c5fd05cb359a527f056bdf3a627dd814bfb7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41854f41fe85020edc0377130d956283c0c533e9996e3a7e3aa7e909f93dc954
42e57d256f2af5646592276686b5f376b2a8b76c24a73bdda9245724ceb90bcd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ad315912c9335a551e38342e439c1cf8c66a45513ec1b2fcb2133be074b86a
4652aa3cee37b817c2e9b54bcf432a466c65626d8c4ee4d9abcfe55bab9bb39a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8868aa4085fa88d0564e3b86f75f856e101d8f37ddbc6be6d380ea127fdeea
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
535991739367153716bba43fc9ace50550573538a9fe076ca7921172b2ae346e
536222675f60b0ab23cc24e3fdee65eb828e46eece1a95b95f3180a340c07299
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1769eb2da0d19c46a5d8f8b05f0673c50d9f075db89e859f9bf3e49e685f9
54a21de8e50cb5fec4d27925459bcefa46d0dfd9be177eaaa765fa1ec9c9c649
563c7a9f3505a29556cb5d373d27b9d15a5390441434a10fceed3399738435fc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b12daaacd20016e117bea984f6fbf3f0791d9148407cdbd403ebf1be6a821d
579607db349d8d62676b9b7dc2e3e9485e91b71762fdee5d01de6ed5970684e5
582abc8129fdb3c0b62923088fe34ec00d2ee66870ea16303615013d4a28901b
589d8a32de0ea0de516e7447459846018c47d35b6109588e4bfe5d669409a4a4
59c4c68fd162622a12e08a04842258942da46f034afabb17b18d276cb10144f6
5a3fdbc2baecc353524e3ad20f5ea635bcbef05fa2b6fe1d79762bc1974d450f
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5da93a943774fde37c709eba1c21fdd4eeaf72b69e50df7da0e28a0ae1f54917
5fa9f6ef3fbf961d74dcfb0994fa50395d11176e71dfe14473e2696eb7d87851
6018d33f57979c14424f63e51f4ab5108e9e0abeae912703ebf8312be0ed7334
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6463627134cc4c1d4a2a6074dbc030929369ce6c318ada0e3f246f3b6f806828
65610d6d65ccfa036081e3a43bdb130d29ab1491f43b18899ea1bb00f6ff9e54
66078495f7cb24e6c59bc1a4e8e1ba63800dd8b7669a1b9201de1194d201aa9b
66c585b20a808a86544de8a30986d414790a235565c0f258a6906e8ab95a1ea3
66ce23b6c495164250bbd0e529c97ec49d04143f325310ea9323e74453687f86
66f92c689cc98a863f58f7c2db1272ed94baccf8d51489d2fc42416c07d054d5
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
691ad86b13d066ed5cc6e4bbf488d9b21b0800b56c6331614f23f63622529032
6aa1cf625d2bc63a5dcbbedb7024dd95c5336e6277fea140373f7d10604cb693
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c9fe71e05e63690230d5fc96364a60e2ca70c51d1c957dfc44a9bb66c877f23
6d0862ce58a4d3d28d8a6755c40d61714fd333af6b4ce959ed94691a54ca3f39
6ee018ce0172fc5e60438c1a4f76dfac59dcd7a81fe35620b2de8218cd2f7f00
6fe12f443d57fba3f686959e72e430698b8a78465c198284f3e44900361cbc28
709f1d5d7779c30e0286b48d7d3720ecb62ca548971e1bd8dc5e6ba7a3620636
728d64fbf44839e154fbe8bec7d40773452e3d07c0fa1a0502b3f707aba80b9f
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7380b707ab23e6c6621b1ac5ceb56524da792844a4971ddbd083f159ab83baea
74c8f58d0dcb3fa0cadc586e3d74f93015f2218404cf01e7c33b060aa2bfd1c0
757611612659d3e1dcaca555c53c6cbf17f682d08e2b25e19679d8215d3754a3
759a7832652307a3887378304f8ef16b8a9390e48172cbcfba5b2e7a23923778
778228f5b225aaa035f565a75164b203b553c44589cf73827d57f21dd3a40465
7844cfb29c5da5aaf907a24611ae207eeee959eadeb087ce5d01713a4267cd2a
786c7eaded5e9987901e7e522fec4fb09ec5282d7050c4fa3634f6f17b2fb7d2
789326c627a7fd9462ab7c1476ed7fd69a4a4748be8297b2a2452d3108856db4
7a4d29dce5519df2320fce5517aa7f2bcbab836da8c03e9303c3e2f4aa822fa6
7c5b5fee66bf0aa5b21739d714f6609177e80d00cd597f48cc1a54af43cc9d1c
7d7962210b6e797e08c011395cf88eeff6c058253b4242b8c5256869f778597e
7de592619b09868359d4a54b5283a819c9f692947e12995ff9d4642ceed9d315
7e07140e4eb562b6f19aecb33cab48b3f7cb5ea1bd0ead0fc3e0ce5edf3edd7d
825c697cc8f4ae49d1e726e43453c0edd8097a0c774a62ef6c1883923946ba6a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8472eaafc1871e5c4aa257457bbb29cbc12a7040e01ca28f24492f61350ec451
84d9a2e41f400cbb300a768c3dadbe135030b023c88ca6831797993d223177a8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86aa97c6ec4f27b7f4d6d76289fbeefb6862e7860cec03af46f29041b34ef679
872fb6276caabbaa283518d8cc439ead7aac9420e8163d933e66f5bfc615745f
8738d001b03bd4cace70015b0778170701345279293709e2fce893f4d0c9c045
87cad1473595bfb68df12efa1a88bab1ee9bc823abe24d17fe4daf42f56e20aa
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8b2d13b8c3bf7c5162f9a3f5e304a440c68c19be35608e8b46928744bd1730ab
8ba695115c4b1794814a3040ab8024e5e2a11d8f5f9bf8a56edbcf400c2288da
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbb91179609d2add05a1c5015671d99d3611bce22536974c7a2fcca587a9d36
8e2d93d95a887c7049a48767ba91fb4d54802b9eb632fed06116967e5fa116fa
951ceeada7b03e2249ccab410fff2564e994c2421b9e053b11980c7c533de591
95a8f79ff49a970c149c4e4ec1b1019640e0fa1d419b85875850988c8c2cf0a0
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96fc0c6e493207d73128feeb3a8ca1f5a11c0274eddd3ee7c6f845ce6ed65e23
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9a01cf7070ca19a8f1c9c0539792449682d92dd5e57cf56609bf706364355f23
9b3643d244689aaa5666a06ad6bbf0f9d8bf68f3d84af730b782a499363867fd
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
a02fdcd2250a4da291e9f6eccefd36b64864ae8d27969225baa44199d8a520e8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24eaa87d394e82bf4c46c8fce9d490c95367a1c7366562b1c153dd5593e2531
a273072d4326cf4fff7510301462667c0c97a389b2428ca9f96a88316bec31f3
a38f13ec5ca51695bace8662872673f17b1193c3ad6c48eec354e132aa647dfe
a413599926d697f1b97c79da6ad1d10047aa3b4b81c78bae0799fe23f26f468d
a54bf38cbd1e24686b4d06e6eef66bdabe95db066455b22dfcf30a94d52fb9d0
a6eec22b25fd8a0cec0973204767e6b0e929c39590725ef3cc1b3c7dad2ad2a7
a704ca7d79dc17cdd9ba143e54b1bf2689950128c1a73243d821b17f31a88618
a9200a9a6ff37c4b8483db9f1427e1100fe34041bd9cc221c5eebeecae5a9560
a93597ee0a3879ad0a6c3f1036781cc8ed99dd38e6ed3d5e51549769f6b5cd74
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa77cbee930eec469fb8618caf32e7bd0ddc48fa8aabb6a64065441393c9fe42
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ab70462f7fc86e581c820919171ecaaba2392a10d3019a16a33e898dbe9e205a
ab9f91555b2ea64686089f3e2c1b194b92d474a2b2d92005d02e92d14515fef4
ac671921bb587a1c659e9ca00beb171ab78bc7534604a39eb0b836484963a3c7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af180a4a37ff0885ee05eb6e9a595f43e2a14eca137c58a9c9fc661ea47279e5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ab87dead82405e7357f7c03ced2b4d5d3cb991e3fc59587c22486519ad1483
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b57d4e0be0b3268f3ea6a54fd67e8a9391395b70e0dc1ae675193e65e6a009a4
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bbe175c94acefb8dffdaedb5527afde6c8200c8803ad6054cc6e9629e8f43f92
c03eb092e9cad0ac0ffee59adf08fb6780caadc10139e3f42bb33f4d5cb5200b
c05a0a9c05304d14d522be0847ae52ea4608ea6891bc55ddc81d9a455a194faa
c1dcafbe9407c301261985c3dfb80d73966d57e2bb5d67de978222cb8765e17d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c261e30a476d56f895b5a24412062f8d8a69ecf4b296d2428f4621901c4d42cf
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
c4f53b889d96ccdbc8172b62e68a26038862f667649f3d3fd7b4486f8bb0dfc1
c73039e48544a1a82aa6d25ae9b3381fb2e5c008e7db9df9e8f637f1360f8b2f
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca8a3b98b45453c428c771a55165a2af9bf30399c7fa4b98ac7d8c8719533fd5
cab74b50a678924d424b937bb320c553b2e44aa01ac83a6ee7e8b4f16099f3c0
cdc3fcd2e52012d8f58f0db58f372c75d38353ee64a0eb6b722239884f689246
d0c1782bb0405f51160f875de409e8468cd5dfb46eb3dd5291633eede4050685
d1159c7004b5f1c260a0ee167fde25c69f996b8ae7849b953b216d9b78479a6e
d13a4ae6a1e30d3fa78651c1b2870fe09ebb2a8257272b117b70ca645e032531
d4ccc502e05bd3df04680ffde9c60b8aa39b1986a416e95bd28fd8c20ac6a3c5
d54a3408d13e5f55f45c073164693022a1f0e4f15baa0cfd16c6e99e6ea9fa43
d5ad596629b0775b51e76413761e9537218afe61ca110806d5d644134d7cc18b
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dfafea91f493eca20037c1de5a71ca243081d3d720d569a9abae2458ca0cf1cf
dff8ecd169fa62eacc291f76e08b1ba0d2738f872be73148e7fb7d138e20a349
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f189ce94a53b6316c93df795e04c79f2d0aaf5ae29cacf8dfcc6a3ae705f4f
e5c6b74aab138b30b1e7e29cc1377c646142dd133db41771266f8c6466e380f3
e7f423b225e6202de06913ffd607a71ea622478d518301f145f078adf9051db9
e87efce6ebd49c72c277ef4eb36004b2ef95c94ecd101c89c386fa7621f973bb
e9db129efb627cfb1f4f12fa5e2bd5a36c08adf9bb810e8f3270f34192fe636f
ea1dc07a8462adc1de680c13135b4e0365c1c6bb72ccce3f1899527618af0457
ebf25b6341443d677851c828ed0b7f276ae756e817919513f205bc4cb9e3248d
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec57410da13a8b8b85d7cbceb0028fe84243ee79b2e40f911ca7e9b9c978a51d
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
eec64baeb76931e678e4eba87b27d78ab00c3acbf68256769a0e58a0513162f0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7db8fb10b0965cd198087e1d5439725c6ff10f73844485c4724603cb1cb8d9
f36da9bfaaa5a6f4cf6c9a3fe651af468bef6d9cc8f58fd877ca3c2c05a18870
f38b0ea3442870ad5a94f7e3ae1903b9914b34b816574364a06c867093cf8c05
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f5d7077a30dfc7c91cff8cdb8af3b8db14ac790cf886d6127c2b4f63648cfa3f
f5e9acecf4cabb0c0b5880b84dae2c7f538c2d8dd8a1e96697d92173a3b40a4d
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f807875fe162645fb0b07a2c863bd6d72938966662fb4068e4b9fbc5ffcfb156
f9b38432d34fcdc4772ef5375d0d23871ad0f650dae84b0960620b4cb3de44cc
f9e146cf548483ff23de03f7df499088925b151a115865bf5eaeb976e4e44d4a
fae7c4ebd512de69c70ed18d1e99454171546fa7d6c8d3a16b1cee5c31098f63
fc16de6bf84700cfa5585b27ecc0215bac82f1c04d332a65e691fd2705ab0b37
fd6e08d5b2f4112a6817f301788849cb7ce7ee3c9d90cfcdf3ae1df11fdfc9d4
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe7156d8e7be5cbb3506804b16a96f73591ced0d621a6b5f34ca88119d191b8c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995