urlscan.io logo urlscan.io
SecurityTrails logo

telegrafi.com Open in urlscan Pro
2606:4700:e2::ac40:8015  Public Scan

Go To Rescan Add Verdict Report
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Submission: On May 13 via manual from AT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 12 countries across 91 domains to perform 305 HTTP transactions. The main IP is 2606:4700:e2::ac40:8015, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegrafi.com. The Cisco Umbrella rank of the primary domain is 327813.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 19th 2021. Valid for: a year.
This is the only time telegrafi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 2606:4700:e2:... 13335 (CLOUDFLAR...)
6 2a03:90c0:41:... 199524 (GCORE)
8 146.0.227.106 29066 (VELIANET-...)
3 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 52.239.139.164 8075 (MICROSOFT...)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
3 199.101.135.227 40824 (WZCOM-)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 31.28.167.114 15497 (COLOCALL ...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:236... 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 46.105.202.39 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 46.101.145.111 14061 (DIGITALOC...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 37.157.4.41 198622 (ADFORM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.184.8.90 204995 (RTB-HOUSE...)
4 9 185.33.221.87 29990 (ASN-APPNEX)
2 216.52.2.19 30282 (AS-INAPCD...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 19 104.22.69.131 13335 (CLOUDFLAR...)
13 3.67.18.163 16509 (AMAZON-02)
9 2602:803:c004... 26667 (RUBICONPR...)
2 178.250.0.165 44788 (ASN-CRITE...)
2 185.255.84.150 200271 (IGUANE-)
2 172.67.71.111 13335 (CLOUDFLAR...)
8 18.196.121.26 16509 (AMAZON-02)
1 52.58.67.200 16509 (AMAZON-02)
1 3.222.163.155 14618 (AMAZON-AES)
8 81.17.55.161 60781 (LEASEWEB-...)
1 146.0.227.109 20773 (GODADDY)
1 209.205.197.154 55081 (24SHELLS)
2 7 69.173.144.138 26667 (RUBICONPR...)
1 2 2620:116:800d... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
1 149.202.74.47 16276 (OVH)
1 2600:9000:223... 16509 (AMAZON-02)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.121.92.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 64.225.42.52 14061 (DIGITALOC...)
2 138.68.235.115 14061 (DIGITALOC...)
4 152.228.222.122 16276 (OVH)
6 104.92.74.8 16625 (AKAMAI-AS)
2 2 213.19.147.44 26120 (RHYTHMONE)
3 4 35.227.252.103 15169 (GOOGLE)
3 3 35.157.1.22 16509 (AMAZON-02)
3 3 74.121.143.240 ()
2 66.155.71.149 13768 (COGECO-PEER1)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 185.86.137.131 201081 (SMARTADSE...)
2 2 34.255.242.195 16509 (AMAZON-02)
4 23.35.236.201 16625 (AKAMAI-AS)
4 8 23.35.236.247 16625 (AKAMAI-AS)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 2a0c:5c81:509... ()
1 104.17.120.107 13335 (CLOUDFLAR...)
1 2 5.178.65.246 50673 (SERVERIUS-AS)
2 198.47.127.19 3257 (GTT-BACKB...)
1 1 23.88.75.187 24940 (HETZNER-AS)
2 2 18.156.0.31 16509 (AMAZON-02)
4 6 37.157.5.142 198622 (ADFORM)
2 185.64.190.80 ()
2 2 213.155.156.164 1299 (TWELVE99 ...)
5 104.36.113.107 ()
1 178.250.0.163 44788 (ASN-CRITE...)
9 13 142.250.184.226 15169 (GOOGLE)
1 104.36.113.24 ()
2 2 51.210.112.236 16276 (OVH)
2 3 54.78.254.47 ()
5 3.33.220.150 16509 (AMAZON-02)
1 169.50.137.184 36351 (SOFTLAYER)
2 5 35.169.179.244 ()
2 5.178.65.252 50673 (SERVERIUS-AS)
1 3 162.55.236.225 24940 (HETZNER-AS)
2 46.249.52.248 50673 (SERVERIUS-AS)
2 2 23.75.240.210 16625 (AKAMAI-AS)
1 205.234.175.175 30081 (CACHENETW...)
1 51.75.86.98 16276 (OVH)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 ()
1 35.244.174.68 15169 (GOOGLE)
3 5 52.46.130.91 ()
3 5 54.239.38.253 ()
3 4 35.227.248.159 ()
1 2a04:4e42:600... ()
1 2600:1f16:e61... ()
2 2 2a05:d018:24:... ()
2 2 52.49.221.107 ()
1 1 151.1.205.165 ()
1 1 85.114.159.93 ()
2 2 34.111.131.239 ()
1 185.15.245.80 ()
2 2 52.30.140.199 ()
1 1 212.82.100.182 ()
1 1 35.178.150.13 ()
2 54.76.64.233 ()
2 2 151.101.2.49 ()
1 1 2.18.233.201 ()
1 1 44.196.45.105 ()
1 104.111.215.191 ()
1 1 176.34.72.130 ()
1 1 185.183.112.148 ()
2 3 23.75.246.168 ()
1 2a05:d018:d29... ()
1 1 35.186.193.173 ()
6 23.227.139.243 ()
1 1 23.108.101.160 ()
1 18.66.97.109 ()
1 51.158.28.82 ()
2 3.120.214.218 ()
305 97
42    2606:4700:e2::ac40:8015 (United States)

ASN13335 (CLOUDFLARENET, US)
telegrafi.com
6    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.futureads.io
cdn.admixer.net
8    146.0.227.106 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
ads.futureads.io
3    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)
pahtuo.tech
1    52.239.139.164 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gjstatic.blob.core.windows.net
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    199.101.135.227 (United States)

ASN40824 (WZCOM-, US)
PTR: ap7.adplayer.pro
serving.stat-rock.com
1    2606:4700:3031::ac43:a8b4 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    31.28.167.114 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 167-114.admixercdn-s2.cc.colocall.com
s1.v-player.net
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2600:9000:236e:8000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    46.105.202.39 (France)

ASN16276 (OVH, FR)
u.heatmap.it
2    2606:4700:3030::ac43:c0ad (United States)

ASN13335 (CLOUDFLARENET, US)
telegra.fi
2    46.101.145.111 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn.webpushr.com
1    2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
4    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
9    185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
19    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
13    3.67.18.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
d.vidoomy.com
a.vidoomy.com
a-prebid.vidoomy.com
9    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    172.67.71.111 (United States)

ASN13335 (CLOUDFLARENET, US)
central.gjirafa.com
bisko.gjirafa.com
8    18.196.121.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    52.58.67.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    3.222.163.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-163-155.compute-1.amazonaws.com
brightcombid.marphezis.com
8    81.17.55.161 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
1    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    209.205.197.154 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
2    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2600:9000:225e:6200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
1    149.202.74.47 (France)

ASN16276 (OVH, FR)
PTR: eu6.heatmap.it
eu6.heatmap.it
1    2600:9000:223e:2600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    3.121.92.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com
audit-tcfv2.quantcast.mgr.consensu.org
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    64.225.42.52 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
bot.webpushr.com
2    138.68.235.115 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
analytics.webpushr.com
4    152.228.222.122 (France)

ASN16276 (OVH, FR)
PTR: ns3189334.ip-152-228-222.eu
s333.adxpremium.services
6    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    213.19.147.44 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    35.157.1.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-1-22.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    74.121.143.240 (None, )

ASN- ()
sync.mathtag.com
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
pixel.sitescout.com
2    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
2    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    34.255.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-242-195.eu-west-1.compute.amazonaws.com
ice.360yield.com
4    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (None, )

ASN- ()
s.adtelligent.com
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    185.64.190.80 (None, )

ASN- ()
simage2.pubmatic.com
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
5    104.36.113.107 (None, )

ASN- ()
image2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
13    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    104.36.113.24 (None, )

ASN- ()
image4.pubmatic.com
2    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-1.cloudy.ovh
pixel.onaudience.com
3    54.78.254.47 (None, )

ASN- ()
loada.exelator.com
loadeu.exelator.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
5    35.169.179.244 (None, )

ASN- ()
a.audrte.com
2    5.178.65.252 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
2    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
2    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    205.234.175.175 (Leesburg, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
15    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
5    52.46.130.91 (None, )

ASN- ()
s.amazon-adsystem.com
5    54.239.38.253 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
4    35.227.248.159 (None, )

ASN- ()
pixel.tapad.com
1    2a04:4e42:600::300 (None, )

ASN- ()
trc.taboola.com
1    2600:1f16:e61:3f01:46b:43f6:5ec6:edd4 (None, )

ASN- ()
dmp.v.fwmrm.net
2    2a05:d018:24:b001:736:16ab:a44d:3496 (None, )

ASN- ()
sync.tidaltv.com
2    52.49.221.107 (None, )

ASN- ()
dpm.demdex.net
1    151.1.205.165 (None, )

ASN- ()
bn01.er.bemail.it
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    185.15.245.80 (None, )

ASN- ()
dmp.theadex.com
2    52.30.140.199 (None, )

ASN- ()
bcp.crwdcntrl.net
1    212.82.100.182 (None, )

ASN- ()
cms.analytics.yahoo.com
1    35.178.150.13 (None, )

ASN- ()
aa.agkn.com
2    54.76.64.233 (None, )

ASN- ()
beacon.krxd.net
2    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    2.18.233.201 (None, )

ASN- ()
pixel.mathtag.com
1    44.196.45.105 (None, )

ASN- ()
usermatch.krxd.net
1    104.111.215.191 (None, )

ASN- ()
tags.bluekai.com
1    176.34.72.130 (None, )

ASN- ()
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
1    185.183.112.148 (None, )

ASN- ()
sync.adotmob.com
3    23.75.246.168 (None, )

ASN- ()
px.owneriq.net
1    2a05:d018:d29:3601:a361:57c8:93b7:1576 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    35.186.193.173 (None, )

ASN- ()
cm.ctnsnet.com
6    23.227.139.243 (None, )

ASN- ()
sync.spotim.market
sync.adtelligent.com
1    23.108.101.160 (None, )

ASN- ()
b1h-apac1.zemanta.com
1    18.66.97.109 (None, )

ASN- ()
tags.crwdcntrl.net
1    51.158.28.82 (None, )

ASN- ()
js.cookieless-data.com
2    3.120.214.218 (None, )

ASN- ()
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
42 telegrafi.com
telegrafi.com — Cisco Umbrella Rank: 327813
684 KB
27 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 471
pixel.rubiconproject.com — Cisco Umbrella Rank: 354
eus.rubiconproject.com — Cisco Umbrella Rank: 556
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1146
token.rubiconproject.com — Cisco Umbrella Rank: 692
pixel-eu.rubiconproject.com
43 KB
19 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6213
csync.smilewanted.com — Cisco Umbrella Rank: 4460
static.smilewanted.com — Cisco Umbrella Rank: 11296
19 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
155 KB
15 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1764
mwzeom.zeotap.com
4 KB
14 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 439
image6.pubmatic.com — Cisco Umbrella Rank: 612
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com Failed
39 KB
13 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 13289
a.vidoomy.com — Cisco Umbrella Rank: 9947
a-prebid.vidoomy.com — Cisco Umbrella Rank: 19928
18 KB
11 futureads.io
scripts.futureads.io — Cisco Umbrella Rank: 739933
ads.futureads.io — Cisco Umbrella Rank: 752386
89 KB
10 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
7 KB
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1355
sync.smartadserver.com — Cisco Umbrella Rank: 1477
3 KB
10 adform.net
adx.adform.net — Cisco Umbrella Rank: 4019
c1.adform.net — Cisco Umbrella Rank: 571
dmp.adform.net — Cisco Umbrella Rank: 2468
4 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 240
42 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum.casalemedia.com — Cisco Umbrella Rank: 1323
dsum-sec.casalemedia.com
9 KB
8 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1057
889 B
7 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5502
s.e-planning.net — Cisco Umbrella Rank: 7084
u-ams02.e-planning.net — Cisco Umbrella Rank: 66464
i.e-planning.net — Cisco Umbrella Rank: 7160
4 KB
6 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2100
test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5533
audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9812
139 KB
5 audrte.com
a.audrte.com
9 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 338
1 KB
5 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2279
www.google.com — Cisco Umbrella Rank: 7
64 KB
5 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6102
s.adtelligent.com
sync.adtelligent.com
4 KB
5 webpushr.com
cdn.webpushr.com — Cisco Umbrella Rank: 26315
bot.webpushr.com — Cisco Umbrella Rank: 43967
analytics.webpushr.com — Cisco Umbrella Rank: 35411
19 KB
4 tapad.com
pixel.tapad.com
1 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 297
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
2 KB
4 mathtag.com
sync.mathtag.com
pixel.mathtag.com
3 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1524
614 B
4 adxpremium.services
s333.adxpremium.services — Cisco Umbrella Rank: 43443
1 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
489 B
4 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44664
inv-nets.admixer.net — Cisco Umbrella Rank: 2358
13 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
197 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
56 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 621
124 KB
3 spotim.market
sync.spotim.market
1 KB
3 owneriq.net
px.owneriq.net
1 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
941 B
3 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
12 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1625
744 B
3 exelator.com
loada.exelator.com
loadeu.exelator.com
3 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
dis.criteo.com — Cisco Umbrella Rank: 725
984 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1842
mp.4dex.io — Cisco Umbrella Rank: 2444
24 KB
3 heatmap.it
u.heatmap.it — Cisco Umbrella Rank: 30026
eu6.heatmap.it — Cisco Umbrella Rank: 231370
11 KB
3 gstatic.com
fonts.gstatic.com
51 KB
3 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 14443
99 KB
2 eyeota.net
ps.eyeota.net
2 KB
2 everesttech.net
sync-tm.everesttech.net
855 B
2 weborama.fr
idsync.frontend.weborama.fr
683 B
2 demdex.net
dpm.demdex.net
2 KB
2 tidaltv.com
sync.tidaltv.com
791 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3281
918 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5262
637 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 518
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1552
646 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4524
sync-eu.connectad.io — Cisco Umbrella Rank: 3111
897 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 594
pixel.sitescout.com — Cisco Umbrella Rank: 3501
382 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 520
890 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 987
pixel.quantserve.com — Cisco Umbrella Rank: 427
10 KB
2 gjirafa.com
central.gjirafa.com — Cisco Umbrella Rank: 405130
bisko.gjirafa.com — Cisco Umbrella Rank: 313801
4 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4674
2 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 615
744 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 910
2 KB
2 telegra.fi
telegra.fi — Cisco Umbrella Rank: 678601
120 KB
2 v-player.net
s1.v-player.net — Cisco Umbrella Rank: 866433
196 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
134 KB
1 cookieless-data.com
js.cookieless-data.com
535 B
1 zemanta.com
b1h-apac1.zemanta.com
326 B
1 ctnsnet.com
cm.ctnsnet.com
444 B
1 adotmob.com
sync.adotmob.com
307 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
215 B
1 bluekai.com
tags.bluekai.com
225 B
1 agkn.com
aa.agkn.com
380 B
1 theadex.com
dmp.theadex.com
272 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 taboola.com
trc.taboola.com
161 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 598
1 linkedin.com
px.ads.linkedin.com
708 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
814 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 826
612 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 884
227 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2797
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5483
501 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
345 B
1 marphezis.com
brightcombid.marphezis.com — Cisco Umbrella Rank: 13175
98 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2157
157 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5990
175 B
1 aghtag.tech
aghtag.tech — Cisco Umbrella Rank: 43364
82 KB
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 39401
174 KB
1 windows.net
gjstatic.blob.core.windows.net — Cisco Umbrella Rank: 183746
8 KB
1 pahtuo.tech
pahtuo.tech — Cisco Umbrella Rank: 695338
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
305 91
Domain Requested by
42 telegrafi.com telegrafi.com
13 cm.g.doubleclick.net 9 redirects spl.zeotap.com
ssum.casalemedia.com
12 mwzeom.zeotap.com ads.us.e-planning.net
9 csync.smilewanted.com 1 redirects adxbid.info
csync.smilewanted.com
ads.pubmatic.com
9 fastlane.rubiconproject.com adxbid.info
9 d.vidoomy.com adxbid.info
9 prebid.smilewanted.com adxbid.info
9 ib.adnxs.com 4 redirects adxbid.info
csync.smilewanted.com
spl.zeotap.com
8 prg.smartadserver.com adxbid.info
8 btlr.sharethrough.com adxbid.info
8 ads.futureads.io telegrafi.com
www.googletagmanager.com
cdn.admixer.net
6 eus.rubiconproject.com adxbid.info
eus.rubiconproject.com
ads.us.e-planning.net
s.adtelligent.com
6 pixel.rubiconproject.com 2 redirects telegrafi.com
csync.smilewanted.com
s.adtelligent.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.us.e-planning.net
5 s.amazon-adsystem.com 3 redirects ssum.casalemedia.com
5 a.audrte.com 2 redirects ads.us.e-planning.net
a.audrte.com
5 match.adsrvr.org spl.zeotap.com
ssum.casalemedia.com
5 image2.pubmatic.com ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 ads.pubmatic.com csync.smilewanted.com
ads.us.e-planning.net
s.adtelligent.com
4 rtb.openx.net 3 redirects ads.us.e-planning.net
4 s333.adxpremium.services adxbid.info
4 www.facebook.com connect.facebook.net
telegrafi.com
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
4 adx.adform.net adxbid.info
4 connect.facebook.net telegrafi.com
connect.facebook.net
4 quantcast.mgr.consensu.org telegrafi.com
quantcast.mgr.consensu.org
4 www.google-analytics.com telegrafi.com
www.google-analytics.com
www.googletagmanager.com
4 static.criteo.net telegrafi.com
adxbid.info
static.criteo.net
3 sync.adtelligent.com s.adtelligent.com
ads.us.e-planning.net
3 sync.spotim.market s.adtelligent.com
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 token.rubiconproject.com 3 redirects
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 ssum-sec.casalemedia.com 3 redirects
3 sync.mathtag.com 3 redirects
3 x.bidswitch.net 3 redirects
3 cdn.admixer.net scripts.futureads.io
ads.futureads.io
3 fonts.gstatic.com fonts.googleapis.com
3 serving.stat-rock.com telegrafi.com
serving.stat-rock.com
3 securepubads.g.doubleclick.net telegrafi.com
securepubads.g.doubleclick.net
3 scripts.futureads.io telegrafi.com
scripts.futureads.io
2 ps.eyeota.net
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 bcp.crwdcntrl.net 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 secure-assets.rubiconproject.com 2 redirects
2 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
2 s.e-planning.net ads.us.e-planning.net
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 simage2.pubmatic.com ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 ads.us.e-planning.net 1 redirects adxbid.info
2 sync.search.spotxchange.com 2 redirects
2 ice.360yield.com 2 redirects
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 a-prebid.vidoomy.com
2 a.vidoomy.com
2 sync.1rx.io 2 redirects
2 analytics.webpushr.com cdn.webpushr.com
2 hb-api.omnitagjs.com adxbid.info
2 bidder.criteo.com adxbid.info
2 ap.lijit.com adxbid.info
2 script.4dex.io adxbid.info
script.4dex.io
2 unpkg.com 1 redirects telegrafi.com
2 cdn.webpushr.com telegrafi.com
2 telegra.fi telegrafi.com
2 u.heatmap.it telegrafi.com
u.heatmap.it
2 s1.v-player.net telegrafi.com
s1.v-player.net
2 www.googletagmanager.com telegrafi.com
www.googletagmanager.com
1 pixel-eu.rubiconproject.com ads.us.e-planning.net
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 b1h-apac1.zemanta.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 sync.adotmob.com 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 id.rlcdn.com
1 px.ads.linkedin.com
1 onetag-sys.com ads.us.e-planning.net
1 i.e-planning.net ads.us.e-planning.net
1 ssum.casalemedia.com ads.us.e-planning.net
1 pixel.sitescout.com ads.us.e-planning.net
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi
1 image4.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 biddr.brealtime.com adxbid.info
1 s.adtelligent.com adxbid.info
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io csync.smilewanted.com
1 static.smilewanted.com csync.smilewanted.com
1 pixel-sync.sitescout.com
1 bisko.gjirafa.com
1 bot.webpushr.com cdn.webpushr.com
1 www.google.de telegrafi.com
1 www.google.com telegrafi.com
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 stats.g.doubleclick.net www.google-analytics.com
1 rules.quantcount.com secure.quantserve.com
1 eu6.heatmap.it telegrafi.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 secure.quantserve.com quantcast.mgr.consensu.org
1 ghb.adtelligent.com adxbid.info
1 inv-nets.admixer.net adxbid.info
1 brightcombid.marphezis.com adxbid.info
1 hb.emxdgt.com adxbid.info
1 central.gjirafa.com adxbid.info
1 mp.4dex.io adxbid.info
1 prebid-eu.creativecdn.com adxbid.info
1 aghtag.tech pahtuo.tech
1 adxbid.info telegrafi.com
1 gjstatic.blob.core.windows.net telegrafi.com
1 pahtuo.tech telegrafi.com
1 fonts.googleapis.com telegrafi.com
0 simage4.pubmatic.com Failed ads.pubmatic.com
305 139
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-19 -
2022-06-18		 a year crt.sh
*.futureads.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-31 -
2022-08-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-03-16 -
2023-03-16		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
serving.stat-rock.com
R3		 2022-05-01 -
2022-07-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.v-player.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-11 -
2023-02-22		 a year crt.sh
*.cmp.quantcast.com
R3		 2022-04-26 -
2022-07-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-19 -
2022-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.heatmap.it
Sectigo RSA Domain Validation Secure Server CA		 2020-06-13 -
2022-06-26		 2 years crt.sh
*.webpushr.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-17 -
2022-05-17		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
gjirafa.com
Cloudflare Inc ECC CA-3		 2022-04-01 -
2023-04-01		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
marphezis.com
Amazon		 2021-11-30 -
2022-12-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-04-07 -
2022-07-06		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-04-02 -
2022-07-01		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
ads.us.e-planning.net
R3		 2022-05-04 -
2022-08-02		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
dmp.theadex.com
R3		 2022-04-28 -
2022-07-27		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
sync.spotim.market
R3		 2022-03-30 -
2022-06-28		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-03-30 -
2022-06-28		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.eyeota.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh

This page contains 36 frames:

Primary Page: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Frame ID: A7AD204A94D4C1C3E076518976E43808
Requests: 187 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Frame ID: 437917462D50F7D353A8CCC6F04289F2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 6440C5D16B7434BCE0B1840BD62EBE02
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3E7729565D8C617E6984580717930D89
Requests: 10 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13396601
Frame ID: D1B727AF9A8BC7CFE430E6628686D389
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: B24DC0542F6D609BE62FB9D7326664AE
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8847d75ec7a498862ca0ce6207f6ccb
Frame ID: C69284D2784D42E31E08D8EF19F919B4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 8B8921E7504944FAF93ECB4ECF9075A1
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: C1148FC76B679657D5D24515C80640D6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/7840b23c-8877-4e1d-982e-70956be86422&partner_id=1010
Frame ID: 31FC10E3C4BF0BBA0D4AE848312D4C1B
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: F0F315C9DC006975F002E87D168B9D8E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: BF1971469126565E2705360544361D97
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 10B3F0A9FD87BC9862E8452FCE5A889F
Requests: 13 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
Frame ID: E6EA28B42E2146BEE461598025794B76
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/f669bec8-d2b6-11ec-a4c8-1e3504c40206
Frame ID: 2A64B8ECDF74CD7B2A44B84C0D8F59D1
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 443E1324159FD9A90C98C414A60386D0
Requests: 5 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: C654F4A40A2D131E108A82D431F6740B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 2EEC67C82B989E47D805524A53390906
Requests: 12 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/loopme/2c2aaa06-1829-4524-a981-5a68cb000eaf?gdpr_consent=null&gdpr=0
Frame ID: 92B76318D07BF59E8DFA0B1CDB28775C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-uSRmrq1E2uEbON9wAOaYLIw0_EOwsIEv9qdTFwY-~A&gdpr=0&gdpr_consent=
Frame ID: F82FDC76767EF83DF04DB98DC7FB6F53
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
Frame ID: 3B99305F33E4F02AB9CD2D09AEF398F9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c06f627e-4cdc-4900-aef7-c604f3ae0a3e&gdpr=0&gdpr_consent=
Frame ID: 822093B4767F2D72CAE3E337D48286A2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1982633210603718650
Frame ID: A79D618AE7A25271026FCCB5FA3A0E55
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6BFFF3FD8B2DBBF7F14C93C1893517FE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
Frame ID: 75D2F42665804641227827AC15369429
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: A7C73E35963CFC07119903124E38C7D7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc9c49971c03e33da%26uid%3D
Frame ID: 7F2809BDF2862A4976337A2A25288D0F
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Frame ID: A1672EA677B2F397F59CBB80228C4547
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: CE0E966EB18F328081BBE651F66F2587
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: AF20C953CBFCF4765AC19C4B029A401F
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&cmp=0
Frame ID: 07BCC96654D9594CDB25A20F7F57C1D4
Requests: 30 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=6163704074361520115
Frame ID: 3B2FDDF95404A8081DDBE04CA587F06E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: C847E09B89C4964ADEDEF7E74F3DEB88
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: AA7E7041C189800E7AB5EBD51A445529
Requests: 3 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 5A2C1862147B1D27CECAB4DBC613489E
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AH7SiRDaFiGQFDtR
Frame ID: 9C8D41E8B470B1EAF214AE6FBBD5E8AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found - Telegrafi

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

305
Requests

85 %
HTTPS

27 %
IPv6

91
Domains

139
Subdomains

97
IPs

12
Countries

2670 kB
Transfer

7875 kB
Size

64
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Request Chain 189
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/vidoomy?zcc=1&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D&cb=1652444379665 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=OPTOUT
Request Chain 190
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D&ox_sc=1 HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=9e63a5ae-c0c9-4ae0-8bf3-97f89fb2a72f
Request Chain 191
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6163704074361520115
Request Chain 192
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dbf245678-717c-4a8e-8093-d41df478d7b7&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=49c7627e-4cdc-4f00-8b25-a575e1a75309&expires=30&ssp=vidoomy&bsw_param=bf245678-717c-4a8e-8093-d41df478d7b7&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bf245678-717c-4a8e-8093-d41df478d7b7
Request Chain 197
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8847d75ec7a498862ca0ce6207f6ccb
Request Chain 199
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 200
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/7840b23c-8877-4e1d-982e-70956be86422&partner_id=1010
Request Chain 204
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
Request Chain 205
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=f669bf39-d2b6-11ec-a4c8-1e3504c40206 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/f669bec8-d2b6-11ec-a4c8-1e3504c40206
Request Chain 208
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 210
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/2c2aaa06-1829-4524-a981-5a68cb000eaf?gdpr_consent=null&gdpr=0
Request Chain 211
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-uSRmrq1E2uEbON9wAOaYLIw0_EOwsIEv9qdTFwY-~A&gdpr=0&gdpr_consent=
Request Chain 212
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c06f627e-4cdc-4900-aef7-c604f3ae0a3e&gdpr=0&gdpr_consent=
Request Chain 214
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1982633210603718650
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x8TSy7GqTvK-hQFcH2OIWg%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x8TSy7GqTvK-hQFcH2OIWg%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 218
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4e28627e-4cdc-4300-9c0f-62ebb45165d7
Request Chain 219
  • https://pixel.onaudience.com/?partner=214&mapped=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5af9c02020ca98b5a09e0bafbbb87d7b&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 220
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzdDNEQyQ0ItQjFBQS00RUYyLUJFODUtMDE1QzFGNjM4ODVB&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzdDNEQyQ0ItQjFBQS00RUYyLUJFODUtMDE1QzFGNjM4ODVB&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECRRXI6wzloJmWm3OGBxh5k&google_cver=1
Request Chain 223
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=287918371402942664
Request Chain 225
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163704074361520115&gdpr=0&gdpr_consent=
Request Chain 226
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tluRH7QKwhmtW8AftFiLGeZakhytDZAb5V7zjXPc
Request Chain 231
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc9c49971c03e33da HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 232
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc9c49971c03e33da%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c9c49971c03e33da&uid=6163704074361520115
Request Chain 233
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 239
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM0RVBTSkItMTEtNEFVWQ==
Request Chain 240
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L34EPSJB-11-4AUY
Request Chain 242
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OGj7KRFQSZO8XZwTpTPBWQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OGj7KRFQSZO8XZwTpTPBWQ
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAiYiX9jgnMFxcdF3EbcZKU&google_cver=1
Request Chain 245
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xqTUaeZaST2UrO5b3Fr6gA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xqTUaeZaST2UrO5b3Fr6gA
Request Chain 246
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM3YjZmMTY0MzE1MDNlNzc3ZTgyNmViZjhlNTI0Njg1ZDM5ODU0Zg
Request Chain 250
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b2c3e51f-1ec6-4deb-8394-2050858db466&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Request Chain 256
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a3ff1921-725c-47ff-a211-67c85ab219e6&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 257
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=836b7b7b-9d12-4c6b-4748-255e9ea63be0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=836b7b7b-9d12-4c6b-4748-255e9ea63be0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=08249807800535779361458888018642454960&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Request Chain 259
  • https://bn01.er.bemail.it/zeotap.php?_bid=836b7b7b-9d12-4c6b-4748-255e9ea63be0&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022051314-65111-0.590035001652444371-8db7f343ccd5a2c1f8a1f29934633aae&zdid=533&env=mWeb
Request Chain 260
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7097194570572429457&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Request Chain 261
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=836b7b7b-9d12-4c6b-4748-255e9ea63be0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=836b7b7b-9d12-4c6b-4748-255e9ea63be0
Request Chain 262
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=836b7b7b-9d12-4c6b-4748-255e9ea63be0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=836b7b7b-9d12-4c6b-4748-255e9ea63be0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361&bounce=1&random=1540250732 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=AvhnOLqPEfJGaF78eb2h3e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Request Chain 264
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=836b7b7b-9d12-4c6b-4748-255e9ea63be0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=836b7b7b-9d12-4c6b-4748-255e9ea63be0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Request Chain 265
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-k_Bdz0pE2opqeXMsIvkxslC1CCQb8fY0dQ--~A&zpartnerid=570&env=mWeb
Request Chain 266
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MczPHthnmRW5KvIFTDWqRrQjOCc0AgyH%2BS41iYitP1U%3D
Request Chain 269
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361&_test=Yn5M3AABAaAyBQAj HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yn5M3AABAaAyBQAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&_test=Yn5M3AABAaAyBQAj
Request Chain 270
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a8ab627e-4cdc-4f00-85b2-18f53456a350&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Request Chain 271
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Request Chain 272
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=836b7b7b-9d12-4c6b-4748-255e9ea63be0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=836b7b7b-9d12-4c6b-4748-255e9ea63be0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&dcc=t
Request Chain 274
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yn5M3Fg.Io9hwiQbBrPeEQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKpSjOJDUUX-a3BXJdp8r-A&google_cver=1&gdpr=1&google_hm=2
Request Chain 278
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB&dcc=t
Request Chain 280
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 281
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7057307801093539856&uid=Q7057307801093539856&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 283
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=418830585c7747d688a1f66a9cc75618&expiration=1655036380
Request Chain 286
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=6163704074361520115
Request Chain 288
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 289
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Request Chain 290
  • https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Request Chain 291
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
Request Chain 301
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=287918371402942664 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent=
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent=&google_gid=CAESEKkh0TfT9Cl8J76BTIKjEqI&google_cver=1 HTTP 302
  • https://a.audrte.com/p

305 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request &data=05
telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/ 		76 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1492d3aebb2d7d514c599f66827eacf825874188d1ca486b4e3a03a4031db163

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
70ab57e02b999165-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:35 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 11 Jan 1984 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QJJNGzpyu9LGtG8J8%2B3FGD569qawh%2BWqz2GaNbak%2BsFnjNihrzqWQZUx%2FqAxse%2BiQU5arWgds24%2B%2FCvfDW0aT114LvP2FvN%2BhYmZd1WKMhB9YWJ1fH6BWf5IR2GhNXSJq4tNlvc0gnGTJUB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-elasticpress-query
true
loader2.js
scripts.futureads.io/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/loader2.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d2ef2d592f177d6008f995b944cda8c3111800e828e3aedb3919d22ce2e4755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:48 GMT
server
nginx
etag
W/"626a813c-2c101"
x-cached-since
2022-05-10T20:41:58+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Thu, 28 Apr 2022 20:51:51 GMT
dmpcnt.js
ads.futureads.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.106 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
ab8292395d61b7c0246ffb47931010f2bb4efb96859965fa85b0b39ce8ca023c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Cache-Control
no-store
Connection
keep-alive
Content-Type
application/javascript
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
8f64c8732b4c435c2c21b7cb30bc501270fec3a52ba16cf61b48ddb30405727c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28380
x-xss-protection
0
server
sffe
etag
"1213 / 618 of 1000 / last-modified: 1652440109"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 13 May 2022 12:19:35 GMT
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
197b21250aa1eac1f97d48d36af417123c7ee68bb85453f6822745ff8d061011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 May 2022 10:51:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 13 May 2022 12:19:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 May 2022 12:19:35 GMT
zuck.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/stories/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/stories/zuck.min.css?ver=0.0.66
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c585b20a808a86544de8a30986d414790a235565c0f258a6906e8ab95a1ea3
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 06 Mar 2020 09:41:57 GMT
server
cloudflare
etag
W/"5e621ae5-2720"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAHIHk4L5X8OYniHBIGbT4tV7KTHUhwyUONYDsUlsX9q4lgalNG2W3rny27Kkmz3EZGXSnK4XqWCcOjSzDvhTjb%2Ba%2FHaE0eUEBoBuzMOj30pjusKChaCHzyc89%2F%2F1l5LgWmzVcFer8suiJTF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17e9d9165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
bootstrap.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/bootstrap.min.css
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9fe71e05e63690230d5fc96364a60e2ca70c51d1c957dfc44a9bb66c877f23
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-5b8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd2MkDYIzn%2BmuvBEfNnVH7cBbOOl5IpLYJilRO8Sx1Udy6mS9LnQQ57ZO8%2BsbyTvQ2PTKBlNPGRzKcKPtbcpb7RLoiQRvdUiMxWdRYc%2FoagDsxgWoplXhFSzlAo1mlqbEdSS%2FuqDj0MkVHRD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17ea19165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
styles.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		121 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/styles.min.css?ver=0.4.86
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e0273ac06621779c95352aeb27995d1f226551806e3c8303e6f224e5876c1b2
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 04 May 2022 12:27:37 GMT
server
cloudflare
etag
W/"62727139-1e2f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSgeoeRdLJr9a3Id6h8kMJlDs75O201vArTu1PCko0lbZnhkLTsF6JFbsS2iaAWNgYG2E5bqd5AmFu13iGMPobl6oEOSQjqptcZgpQtGHGqHQVa1gx3xBv1bPEbN53TETzVcahqZVPod%2FB1a"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17ea39165-FRA
expires
Thu, 04 May 2023 12:27:42 GMT
swiper.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/swiper.min.css?ver=1.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c6b74aab138b30b1e7e29cc1377c646142dd133db41771266f8c6466e380f3
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 11 Jun 2021 12:58:31 GMT
server
cloudflare
etag
W/"60c35df7-455e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08QR7ZsJ5FWY7XGPEZ7M34FaFROE%2BLjaZBWZ4VWwgYfgplCIHvDjjDWuhLK1Py32dcLrG%2BkYU%2Bq8mhghv%2FzQtO5n%2BHGIDw%2FCzT%2FXBbSpnUQyoKghd%2BueYT7Mt195mw8OoM4zwwdt%2FDAuC3PI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17ea49165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
style.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		83 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/style.min.css?ver=2.4.26
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ab87dead82405e7357f7c03ced2b4d5d3cb991e3fc59587c22486519ad1483
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 17 Jan 2022 11:55:53 GMT
server
cloudflare
etag
W/"61e55949-14b6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0GFIUPJcV67CgyO%2B5GNHdz7l8pNRfeyrOY9FkRvVnuoeNLlPiVLEAe2JjI1mdKAYFaRfxhqkQg%2FjghWOGzaPQya46pkVb1Rj0ajgoOA2FjOiBmSiaTbpUVfc8vC1HH9PxKLnkpgT%2BuO1OHY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17ea69165-FRA
expires
Tue, 17 Jan 2023 11:55:59 GMT
nadballina.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		2 KB
949 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/nadballina.min.css?ver=0.13
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759a7832652307a3887378304f8ef16b8a9390e48172cbcfba5b2e7a23923778
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 04 Aug 2020 09:50:08 GMT
server
cloudflare
etag
W/"5f292f50-960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRZjitvCwOC5v6pemVdTPOfUkYzwKQBjUOrU1KgQAE4wXv6lCTES8G0Z3B%2B7g9KxnUvEUVSNno7tTKOgWCsanS5H32xMEa9SZJkT2pUuWghX3Bxnnjakiy3QvM6iBq4kQ3Oek1P91aJIoyOH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17ea79165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
jquery.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/jquery.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-1787d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu2QkbJG4pMMw0K5%2B%2BxwL6ahu0mx1BsG%2Fl6aVe%2BEm6wRBo9oovdMznVh9%2Bzuu41S0v%2FRig07qTGezh77q%2BfHnsngH08ALWd9FwPcxSq43ZxFKXRHCKWW5FEmb8h7aVX8iu7dQDSTJycK5v0s"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17ea89165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
sticky.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/sticky.min.js?ver=1.5
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66078495f7cb24e6c59bc1a4e8e1ba63800dd8b7669a1b9201de1194d201aa9b
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 20 Oct 2020 08:36:24 GMT
server
cloudflare
etag
W/"5f8ea188-1b7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogccr7jw350aPWJI%2BXJbtxc%2FJYNRFBlLGCAC5aTXGxndq%2BCtPgUPJaSkIW7NRdWynNKBFsj74CBcMhtG92vYkMlxpotRSZgNnnOr6xw2TeBVPJm9SuOJLWbOqLOK8TrXBPDUhtyjA1zab9RO"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17eaa9165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
zuck.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/stories/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/stories/zuck.min.js?ver=0.0.26
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a413599926d697f1b97c79da6ad1d10047aa3b4b81c78bae0799fe23f26f468d
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 11 Dec 2019 17:10:56 GMT
server
cloudflare
etag
W/"5df12320-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvB1cBQapI47oGaVON6xLpMlX0J1Eud4JkPRlNdSwuRIA8rVucpSU1K5gV5PxqISGg9jqAKTKKqJhfcaItD5LLCzKHT6%2FYkUERDrANfzctx2wXH4xuH%2FuqIWoSGzCQx1r%2BS1xzxGjqqjUhO%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17eac9165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
nadballina.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/nadballina.min.js?ver=1.9.92
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e146cf548483ff23de03f7df499088925b151a115865bf5eaeb976e4e44d4a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 20 Oct 2021 08:46:34 GMT
server
cloudflare
etag
W/"616fd76a-3a14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ybGl4FlzJSmJ8doZ2KkXBie4glXcT0YdsqP8%2Bn2x%2Bx2zWkqFrQdjZMYtL8ndA2dVRBURP7GPLaf4RTEi7m70wOPIBdgJD40r8RrRAYWSXM%2FC70oEVh8l4VLj0BFUIZessDJEmV4BnZy198i"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e17eae9165-FRA
expires
Thu, 20 Oct 2022 08:46:41 GMT
swiper.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/swiper/js/ 		142 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/swiper/js/swiper.min.js?ver=1.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24eaa87d394e82bf4c46c8fce9d490c95367a1c7366562b1c153dd5593e2531
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 11 Jun 2021 12:58:31 GMT
server
cloudflare
etag
W/"60c35df7-23827"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZt9uGGjsfRirwHwL4boeiiViZPiGdaHNJkz4wafN07Z0MmKgoZ5o%2B8BVuom%2FRldiRR4Py1BPHJBv2HCduwVtPn3ZnIBFxqdTng46DI84Pa9szOcBpaxIc5IfcZ7LhdN%2BHFAn7IMAm1wGIJ3"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e18edd9165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
telegrafi.com.js
pahtuo.tech/c/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahtuo.tech/c/telegrafi.com.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87fa102ae7215ece711604ab2495ad619b14678482f6d3466ffc8ab7c96369e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5735
cf-ray
70ab57e2888c92ab-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1921
x-amz-id-2
cTL8sEok1UP53Jom15NcvsFdy7rne8QZ1tKAdnH6pFxWiCQWouuJLhK/Zz0XUiCRBUq5qTypxzs=
last-modified
Wed, 17 Nov 2021 12:48:05 GMT
server
cloudflare
etag
"f7420f85fb1cef836a755ef4061e3d75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etYDwv7B9uNy5d3q4cfMauF1Qfy8Y%2B%2FluJvBgg1Zl2viEl8tz4%2BFCnkTBaqHI28RO%2FIja6bq6Tu61NSDormTvRraqd5FdAgAldxzcr4lGR%2BMPdQHAYB%2F0v0pQ0soT0tTTSo4UE6TJApcpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
E3Q2YXXT6JD0CBGB
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
cmp.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/cmp.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3ac56ea7009181cb686ac18512efc3c94e6509c3920cea8e768c12fcfda6d1
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 14 Oct 2020 15:10:59 GMT
server
cloudflare
etag
W/"5f871503-107d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOhLoOXLnC107LXLfRPxG%2FOlJ1amtXVtAmVF3szgZDhMVWaC6CwXDWdoahiYmHoGyxLNXKHzZbERak7VkuGkM9Uho89dHYKkQjX1ZnxeIPSj1GU3eZxxyJ%2B6eIcuCuyT3s0VIpVIOJfHcZPq"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e18ede9165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
gjdmp.js
gjstatic.blob.core.windows.net/fix/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 13 May 2022 12:19:35 GMT
Last-Modified
Sun, 28 Feb 2021 19:38:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AkdWFmz3+ZBD6nME4CH9VA==
ETag
0x8D8DC207C714D5F
Content-Type
application/javascript
x-ms-request-id
92be60a4-601e-0009-5bc3-666f6a000000
x-ms-version
2009-09-19
Content-Length
7361
publishertag.js
static.criteo.net/js/ld/ 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-1dc01"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 May 2022 12:19:35 GMT
futureads.js
serving.stat-rock.com/player/ 		311 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/futureads.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
11c394fe3a9ca0ddd99fc11e649c1bbf7870ff6fcb801e7820aad36de044ecee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
last-modified
Wed, 20 Apr 2022 07:23:23 GMT
server
nginx
etag
W/"625fb4eb-4db8f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
telegrafi.js
adxbid.info/ 		616 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/telegrafi.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a8b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95741c9304c69da2e0b4b8c1a6f5eef4b48a327ae3af455c995cd89e5615d774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 May 2022 13:41:42 GMT
server
cloudflare
age
2064
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akjWzg5Csg7u4x9zDx0F6BAhFB2oZ4qDXiwWWqMYEe%2FALqp0q8Rawo%2BioZ8oQ7Pp4zXHXCPG7OuNHtrSPgn2GraY8X6YSjUFdiewF%2F%2BMkXMhlMgeKQ2mdj0gzPWTcfIXD30gs82KCnhsjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70ab57e27f1c9b1f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
telegrafi_logo.svg
telegrafi.com/wp-content/uploads/2017/02/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/02/telegrafi_logo.svg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d93d95a887c7049a48767ba91fb4d54802b9eb632fed06116967e5fa116fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9348636
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Sun, 12 Feb 2017 14:51:21 GMT
server
cloudflare
etag
W/"58a07669-283a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BsxYMguZVLSB%2BGBmgzhqSDQOffgf4vFmojnRLxHTkSN43WBG0%2BUHj2xnrS0%2B68qDTMkr%2BSdmzrcFm6YDwNKYt07ThnU54ygpTWXmm5Iel3X6jrM6Xic%2F5D7XYbc0z2Gi61yOfRpdH2eFse9"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70ab57e2182a9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 25 Jan 2023 07:28:49 GMT
deals-logo.svg
telegrafi.com/wp-content/uploads/2021/04/ 		8 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2021/04/deals-logo.svg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ddb33c5357ea6bffbb48ef3e384b9a3011a7c09e81cac8e58909b190a42fdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9086403
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Wed, 21 Apr 2021 12:18:07 GMT
server
cloudflare
etag
W/"608017ff-1eaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7Fe%2BVFicFsav0D4JxXPGEn4v8R33nr%2FLsnJuLlO0AwknvPmoW%2FWIkOPpzfhSDBhCZl%2FQNJKg%2By%2BtCFxSByW1ljM0J7EdbpUmWpDGAXNawj9mG1s7JkPElBXKFe8ic1Fi86OfdusbShbrs1J"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
70ab57e2182c9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 28 Jan 2023 08:06:20 GMT
app-store.png
telegrafi.com/wp-content/uploads/2019/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/08/app-store.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c261e30a476d56f895b5a24412062f8d8a69ecf4b296d2428f4621901c4d42cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6379335
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4814
pragma
public
last-modified
Sun, 04 Aug 2019 11:30:54 GMT
server
cloudflare
etag
"5d46c1ee-12ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR3m8WW6ExhaGtTDZVnmsCZ%2Boxwa5VSheobiKFf5eMIgecFXT7cE0ZZITrTHEbP5PD%2FhD3%2F3pCvm%2FDmYzdn5KB1cR39YD6tY%2BrmGq8Fg4MB3DI3iAQl6eD66lEkZfGAlhi1ykLVmyWvtAOjj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Tue, 28 Feb 2023 16:17:20 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e2182e9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
google-play.png
telegrafi.com/wp-content/uploads/2019/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/08/google-play.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a21de8e50cb5fec4d27925459bcefa46d0dfd9be177eaaa765fa1ec9c9c649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6379451
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4431
pragma
public
last-modified
Sun, 04 Aug 2019 11:30:54 GMT
server
cloudflare
etag
"5d46c1ee-114f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlxxzyhtYmdV2Zmm%2BFl9uc8xqqcOoWyvqmfKQU8FwLXZiy4KPsZrGOKCubzD%2FX0ODnBaG%2Fz9E%2BFNAXXEMuabKfLnzuAKbhR%2F980DSBpmxm%2BeR%2BuAOBZ92BkUtBvx31NSXnY2mb8KNhhgwSNj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Tue, 28 Feb 2023 16:15:24 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e2182f9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
logo-telegrafi-footer.png
telegrafi.com/wp-content/themes/telegrafi/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/img/logo-telegrafi-footer.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23215c2c28bbe8e3ea1982d6dddbe2580fd33e82d2c98f2e202b370a46cb0d91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1265
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
"5a8039ec-4f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDQ8aQTi2l%2FVJWqjWTRBenglriJqFJ%2F%2BPSA8mXOA7dBlgrQv8YFLeZ7DaCL7xoGlKZDKyC27ot93qyanGGx9%2FXHQ7LTMBGLkvCKHFGh257uTTExod33w%2Bp7%2B0J1AjXtIXwsAAlD0cfEdOqqQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31556952, public
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e218329165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Oct 2022 21:26:47 GMT
dukagjini-new-logo.png
telegrafi.com/wp-content/uploads/2016/04/ 		580 B
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2016/04/dukagjini-new-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7962210b6e797e08c011395cf88eeff6c058253b4242b8c5256869f778597e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6390043
cf-polished
origSize=876, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
580
pragma
public
last-modified
Fri, 29 Apr 2016 11:10:22 GMT
server
cloudflare
etag
"5723411e-36c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWjgOVaixDc%2Fe9Q6fPntlFFpHx96V3ZxwBNuJ0CXSfiPG8feD%2FxxSTAt6YTaWAJjkcG8uJpb4Q78p6Nwt8%2FQqwDhrU4cDVltIREbqEFccbroLtJvUUFR9nY7wLae0pOrXWaM2GXIReZxvNfL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Tue, 28 Feb 2023 13:18:52 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e218339165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
deutsche-welle-logo.png
telegrafi.com/wp-content/uploads/2019/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/12/deutsche-welle-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72720755f75baede2cb757a8111daff30a7c322428eed7a24b37d84fbec67993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9348636
cf-polished
origSize=3525, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2618
pragma
public
last-modified
Wed, 04 Dec 2019 13:54:53 GMT
server
cloudflare
etag
"5de7baad-dc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7yS%2FSM7rARrLEVyFkmNHJaxn%2F506IAL0VbxJtZq7diPHy%2FiPAHF2tBlYUuVNS5NTRVv2HIJeOuDS1mBZf2ACY2w%2FLhgl%2BGMRPGPTfxCas4RbSXeMYyMc%2BvpOOsVna%2B%2BGPdd7Vnd3yBNpG73"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Wed, 25 Jan 2023 07:28:49 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e218359165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
shkabaj-logo.png
telegrafi.com/wp-content/uploads/2016/04/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2016/04/shkabaj-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7844cfb29c5da5aaf907a24611ae207eeee959eadeb087ce5d01713a4267cd2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9348636
cf-polished
origSize=3647, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2352
pragma
public
last-modified
Fri, 29 Apr 2016 11:10:23 GMT
server
cloudflare
etag
"5723411f-e3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwy8Y17WtyDpDJYcFZJ%2BEqZ9bmDAv8ChAKuD597CnOfR49%2BWoysgFmC4W%2B0XMLVF13hJP%2BlA84r5PKEqWDbXvQ%2B%2FRRT%2BjlQR3QTxyUl%2FaYeNlxCgdP1yKvLiHJwvzWMtwW5f%2FmMk7ZUx3w%2Fv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Wed, 25 Jan 2023 07:28:49 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e2183a9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
toske_geg.png
telegrafi.com/wp-content/uploads/2020/09/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2020/09/toske_geg.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41854f41fe85020edc0377130d956283c0c533e9996e3a7e3aa7e909f93dc954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6384971
cf-polished
origSize=1463, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
933
pragma
public
last-modified
Mon, 28 Sep 2020 08:00:56 GMT
server
cloudflare
etag
"5f719838-5b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zt9XhGTWhADYSgfvfmAPMBIt3sw4B5Usp02RlDGDJVqz1VQevlQyP7Zkl7C2LlinshCo4YVzmQDgYv7GLqiSwhwfF5CWwagmNX7NHxyrT%2BHK8zshEUhddP%2BIchyDRkxiDxYIuyfzgPRK0B7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Tue, 28 Feb 2023 14:43:24 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e2183c9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
font-awesome.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0957311c8318f0d2498805c7bccc65cd0c86c643e12ed83031452e5f91152e4a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Nov 2021 09:36:29 GMT
server
cloudflare
etag
W/"618b929d-6dc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DkZfQKnpCsEemOcV2xOYFq8qQShBvpjA6bqvEA6LZ4N%2F8HaL%2BWwxQZittrCzJItxC6o7qYiRwZMX%2FjxI0S9vSVJ9M%2FJAsM31u7kGA2uA3jwZ2sZr2xoEtJuZshCVpSkYIS5mHfb4i9aBpIQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e218199165-FRA
expires
Thu, 10 Nov 2022 09:36:34 GMT
clipboard.min.js
telegrafi.com/wp-includes/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/js/clipboard.min.js?ver=5.8
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 25 Jul 2021 08:39:43 GMT
server
cloudflare
etag
W/"60fd234f-296f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTlGWfnsnhrbPGH0p3SOX0BYe8OO55tDWNUC%2Fce9f3IPn06zoIDSSiE9NY93qntYBLp8dDZQcmNVLJnPdWRLs8oHG4zeNDkiJb416v%2FUXqpSl7wod%2BmJZmXYkqldO5FYZq1nqMVcfcMMGPdz"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e218229165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
main.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11364d0061c53e3b2f6c0ce2fa70d7961f0d06fe5939d3aadb4e8467fac1a980
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 10 Apr 2022 10:10:07 GMT
server
cloudflare
etag
W/"6252acff-bf76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMm3TQ8XbqFR4gn4u93ajq96aQ60PFXL79RQRgvxx6aOaD7f7oQP6Wwf6exbBGdNl0WU7ZbuwsfxSIhcXwXvADH9QDpbSootJ5W4oQE6xcNfjFV%2BGACqnfnueKH7ogJXI1I3q%2FYYxmjVgamx"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e218249165-FRA
expires
Mon, 10 Apr 2023 10:10:14 GMT
jquery.lazyloadxt.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/jquery.lazyloadxt.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14eec7295e73242aff774c5b71962ecf640f4bcda0ce68df52a283c8e970613f
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-98e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SQkidRTpzZmWEoSMFpDx7Hz67ITnc25EOvZ1%2FTTXqTy0F23qQIp09BBwaQJBQWjxb8fJQZ1hgY9nz5uGqcvRyRJEXqm63upsaBR4olBnuStxx1MWKswWdJwcd3NsW%2F7nHARjOGcArZaCM2l"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e218269165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
general.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/general.min.js?ver=3.00
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7156d8e7be5cbb3506804b16a96f73591ced0d621a6b5f34ca88119d191b8c
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 09 Nov 2021 13:14:42 GMT
server
cloudflare
etag
W/"618a7442-2411"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e19kT5HGCYprtH%2F5licBoXBomDusrDd2a5hFv9C6K%2F%2BdZteT%2B%2BvymyBnSiA3spHTgEs%2FdmQ%2Bc14qEOMsAf5vxy78rC40z9lqKIldlqMZV%2ByEeS%2BkdA4Aiz55RQAbMMQaxWv5euXj4hmwgRZT"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e218279165-FRA
expires
Fri, 23 Dec 2022 17:39:28 GMT
wp-embed.min.js
telegrafi.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 27 Apr 2021 11:34:25 GMT
server
cloudflare
etag
W/"6087f6c1-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYV8Mp1556YwsoXV1VaANY3XEECGayivsIHPJDXhegY7MxdhiIkpOzdwsKs9BS6ibxu4dlQoNkNLwrct0Zle7OM9eq8a07LXag6oI9WGnPv2yHLMMsjqie0wME6MZAg7S2wvyTq5jhH10OTf"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000, max-age=31536000, public
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
cf-ray
70ab57e218299165-FRA
expires
Thu, 06 Oct 2022 21:26:47 GMT
gtm.js
www.googletagmanager.com/ 		185 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a12091ef6879b13e67a80567a6c99dc1b5b095d21c9a102c43a0b6d5c003220d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66455
x-xss-protection
0
last-modified
Fri, 13 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 May 2022 12:19:35 GMT
html5player.js
s1.v-player.net/player/stable/ 		1 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.v-player.net/player/stable/html5player.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
6463627134cc4c1d4a2a6074dbc030929369ce6c318ada0e3f246f3b6f806828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 11:41:16 GMT
Server
nginx
ETag
W/"5f8eccdc-4f5"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 14 May 2023 12:19:35 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
26
date
Fri, 13 May 2022 12:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 13 May 2022 14:19:09 GMT
choice.js
quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1dcafbe9407c301261985c3dfb80d73966d57e2bb5d67de978222cb8765e17d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 16:33:29 GMT
server
AmazonS3
age
10
etag
W/"992ab8620dedf1f62286c67a7661e59a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
PUUMMAwXzMBUWJrmxAPYL2ds8gTfzCSxp1HyegOLbHpbYai9lrToAg==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b3918390779771c36fd7aae686ce75b927606f0c15c2e51079ca710aa5231a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
utTK0DzVlbJaHCXtgWKPKA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 13 May 2022 12:39:30 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
biW2q2PX34OuqKMoLJqoZbYpJnrk4kPc4Nx66mPO4X+zU05IpMA1873twH4nn9spBLSVbWcot/i8CTweK8EGNQ==
x-fb-trip-id
686109401
x-fb-content-md5
f3586fefe0cf0d2a271d6271030507e8
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 13 May 2022 12:19:35 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"22b731df29640caee91a4540e689f078"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 20:59:48 GMT
x-content-type-options
nosniff
age
314387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16980
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 20:59:48 GMT
log.js
u.heatmap.it/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/log.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 07 May 2022 16:50:27 GMT
content-encoding
br
last-modified
Mon, 28 Mar 2022 23:21:31 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"624242fb-6b2b"
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
x-cdn-pop
sbg
accept-ranges
bytes
content-length
10532
x-request-id
615024051
expires
Sat, 07 May 2022 17:50:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
AKk92vELBuxm1708BGGm6HbwOZKQA74GkskxS/KppA617n+6mZiAVyCTbfMri+Mif135oVWv4/q+XUBpNTHtAQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 13 May 2022 12:19:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 21:06:50 GMT
x-content-type-options
nosniff
age
313965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17116
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 21:06:50 GMT
pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 20:59:48 GMT
x-content-type-options
nosniff
age
314387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16920
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 May 2023 20:59:48 GMT
fontawesome-webfont.woff2
telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66624
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
"5a8039ec-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmGRFhzohv1xdJ%2FNr9nv1sJCet6nktXlhRlGJHeXfXAXbzqeq2%2BEFbRrxiOHbYEmZ4U1dK7n1cm3JALi0K1fwb0Pyi6VCPRH0Imb8qGtrHvuI7So1tq1s%2Bu8O0hGTynYclIBRasuxS5OdIMn"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e299439165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 06 Oct 2022 21:26:49 GMT
breaking-news.json
telegra.fi/storage/ 		311 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/breaking-news.json?v=2022-05-13T12:19:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1967ee62b22b15de74f52adf8fb169a9f97ed136c730bcc4310f46fd8acf1dbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 12 May 2022 09:48:05 GMT
server
cloudflare
etag
W/"627cd7d5-137"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4sBOhFrmZkzsAffgpFiwtGcCJV0SD3xEJ1TmqavFw6TlXdOyPaNbRoAaxkkmdumIf2fqhRL6MuZezpcimt5l1SUbwkkI5akLRnJEA8KuUx9Z0tkCD7iYPQXnsWnq5lUWDB7nywrREhIk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
70ab57e2efb69a2f-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
all.json
telegra.fi/storage/trending/daily/ 		535 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/daily/all.json?v=2022-05-13T12:19:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2dd8b3b3a2001264f48efa51e26f53231ab56db54422dbed36942bdd1b6fcd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 12 May 2022 22:02:12 GMT
server
cloudflare
etag
W/"627d83e4-85d32"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmOO2l4s4y96PATBllGaupZo1RQEoC2A8gl3gLGMoTKBkcfs0tFaxJhdWHNjZEFOMcl%2BXdomYROndGlnBVm1kFv7RbeNOqJ1yk16OotJUInf8v%2FpkwFLIKFuqwpSDTMXCG6vK4PuA%2Fyg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
70ab57e2efb99a2f-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
app.min.js
cdn.webpushr.com/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.webpushr.com/app.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.101.145.111 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
39e3b7a575958736f4307accdfc7243a4aac7f0342bd12bb0743e7a0932546df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
last-modified
Sat, 01 Jan 2022 18:51:28 GMT
server
nginx/1.16.1
etag
W/"61d0a2b0-9bef"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
x-gg-cache-status
HIT
cache-control
max-age=86400
expires
Sat, 14 May 2022 12:19:35 GMT
c.html
cdn.admixer.net/scripts3/45890/ Frame 4379 		738 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 13 May 2022 12:19:35 GMT
etag
W/"626a814d-2e2"
expires
Sat, 13 May 2023 11:15:40 GMT
last-modified
Thu, 28 Apr 2022 11:58:05 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-12T11:15:40+00:00
x-id
fr5-up-gc28
376cef9bc739cb759b1b.b.js
scripts.futureads.io/scripts3/45890/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/45890/376cef9bc739cb759b1b.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:56 GMT
server
nginx
etag
W/"626a8144-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-12T14:16:19+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 13 May 2023 14:16:19 GMT
8fa10895f61293c9aa16.b.js
scripts.futureads.io/scripts3/45890/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/45890/8fa10895f61293c9aa16.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:01 GMT
server
nginx
etag
W/"626a8149-12a41"
vary
Accept-Encoding
x-cached-since
2022-05-12T14:16:19+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 13 May 2023 14:16:19 GMT
tag-manager.runtime.js
cdn.admixer.net/analytics/ 		1 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.runtime.js
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
3f47780ac6a0cd5da2d08e3d14d6c5fd05cb359a527f056bdf3a627dd814bfb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 13:21:02 GMT
server
nginx
etag
W/"6074493e-515"
vary
Accept-Encoding
x-cached-since
2022-05-12T11:15:50+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
expires
Sat, 13 May 2023 11:15:50 GMT
tag-manager.js
cdn.admixer.net/analytics/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
044316373e018c29ee8a1138fdaac42494514f8f7da4e89da024de6d568a50f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 13:21:02 GMT
server
nginx
etag
W/"6074493e-6e96"
vary
Accept-Encoding
x-cached-since
2022-05-12T11:15:50+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
expires
Sat, 13 May 2023 11:15:50 GMT
projectagora.min.js
aghtag.tech/libs/ 		277 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: pahtuo.tech
URL: https://pahtuo.tech/c/telegrafi.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45667f6d965028a616f817d5d70dd92913973a3a312061c381bb24e122e44e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6084
cf-ray
70ab57e38db891f0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
82860
x-amz-id-2
x1gFhpip6acYuOfrbiABG9iJZ0Ux/NpsO5j2KHqZsnaX6vgjU2dBYx374uQyFzTHdZ0LV8nIkHc=
last-modified
Tue, 19 Apr 2022 12:27:49 GMT
server
cloudflare
etag
"bb57efb3934f8f3936cfd4aec11e42f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jznwaDapRuD7MLx2IxtNsvlBecVUvyfamOMBXMzlmpEFgtjlEjSzsjzarlzf%2BvrjDQmYLNtD%2BDdwFOcDuKKB%2BBcVBbEd09roEud%2BzZf0XVQAwJGRm6j%2FmaHEso2p7gntlLkHiU%2BIykw4eg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
2430CPNY4TD96XX2
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fb5577c6224b8f05cba98a5fccc6c3465e1aad6746196aa65795f67313dd1ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69626
x-xss-protection
0
expires
Fri, 13 May 2022 12:19:35 GMT
web-vitals.iife.js
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.iife.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
9347100
fly-request-id
01FT83NE1FV146MGHMT40QQ32Z
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"114c-NCNEyA/dMQ5L7XGqd2v2QNXHero"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
70ab57e45a15903c-FRA

Redirect headers

date
Fri, 13 May 2022 12:19:35 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G2YNNCHT9ASTACY06R36SA9E-fra
server
cloudflare
age
67
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.4/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
70ab57e3786d903c-FRA
access-control-allow-origin
*
dmpcnt.js
ads.futureads.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpcnt.js?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.106 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
16d6cdb80b178772bf074bb5dea01be73e9361f003adad266469e3de4b9ba641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Cache-Control
no-store
Connection
keep-alive
Content-Type
application/javascript
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
pubads_impl_2022051001.js
securepubads.g.doubleclick.net/gpt/ 		364 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js?cb=31067572
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126527
x-xss-protection
0
last-modified
Tue, 10 May 2022 08:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 May 2023 12:07:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		302 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=telegrafi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
788d2bce01811b17f349262926dbf9b75909181eae495f36c6749c9029b5348b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
155
x-xss-protection
0
expires
Fri, 13 May 2022 12:19:35 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegrafi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://telegrafi.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Fri, 13 May 2022 12:19:35 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegrafi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://telegrafi.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Fri, 13 May 2022 12:19:35 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
localstore.js
script.4dex.io/ 		483 B
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267685
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzT8tRHftesZ8kVRWkk9waghFRi2Mcug0Kujr13MVeRKv9eaWQsFHiOBuXfTCMemL3HmuKQ2eb7sd7ZEXgh4%2BYzLKtJ3tSkOZqjlPdk2nzrK4A%2BSdHJ4ZpEEX9mYk9nKR21wq42th%2FcBykIc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
70ab57e3f978924a-FRA
openrtb
adx.adform.net/adx/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		144 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a4bb75eb125780a4e9bcd5692ca29937d097f0457576f02959285de938b0272c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ff9721e3-27ad-42d5-8163-d0eea4badc87
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		95 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c1b291fb3b194e6a11d556efd4a948477ffd8fdff42c8a5557a165e1de8b1bb1

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
mp.4dex.io/ 		114 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ad53ef170d230e44b148281a568d5e9a1922d5ff66b4af358eb56299e68e35

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
70ab57e418dd91e4-FRA
pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
/
prebid.smilewanted.com/ 		0
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e41fab9078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e41fae9078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e41fb09078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e41fb19078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e41fb29078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e41fb39078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e41fb79078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e42fc69078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e41fb69078-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
d.vidoomy.com/api/rtbserver/prebid/ 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643280562401-0&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=62d8a7a1161d293&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
489cb0c1f1d053a406c57039514f6364006a02ee604b15d0693111ac986f2b42

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
server
fasthttp
vary
Origin
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-expose-headers
X-Vd-C
access-control-allow-credentials
true
content-length
8647
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643279886631-0&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=639d12990dcf4f1&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643280255516-0&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=64efcec354f7b36&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643280516776-0&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=6542b10660dacad&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643279836537-0&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=6600aee95ba2f58&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643280286053-0&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=678d09419e2d1f5&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643280585022-0&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=689cb5be2224a02&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643280540104-0&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=69241c8e6b40f25&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-credentials
true
server
fasthttp
vary
Origin
access-control-expose-headers
X-Vd-C
/
d.vidoomy.com/api/rtbserver/prebid/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=18529&adtype=banner&auc=div-gpt-ad-1643279862732-0&w=300&h=250&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.64%20Safari%2F537.36&l=en&dt=1&pid=62181&requestId=70525851d5e27b8&d=telegrafi.com&sp=https%253A%252F%252Ftelegrafi.com%252Fpyper-vjen-kampanjen-te-re-per-hulumtime%252F%2526data%253D05&usp=&coppa=false&videoContext=
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
b526fbfc0c0585f25d5924e9ccd508f62189311e0e06da74f06d8ae6d2537fc5

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
server
fasthttp
vary
Origin
content-type
application/json
access-control-allow-origin
https://telegrafi.com
access-control-expose-headers
X-Vd-C
access-control-allow-credentials
true
content-length
6575
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=15&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=439dd491-f925-411c-8538-942fcc5785bc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3590127698700747
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ed04e0ba2f0fb918392438922e3ba8cbf9704eedeb0a709bf79d9f25f80ac525

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=15&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=e88cf6ea-d0c2-458a-b451-3e95e88baeae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6817648897155573
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d152205efd8c5bfc0f52782e3c2d10fc8226fa26f3c6319642fdd8fe2b46e094

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=15&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=b9374b8a-04f7-4f65-bc3a-165353c800fc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21996245402153458
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
930c519c321d929e86546aef6ec64ca7d09048e60734c63c6c64b2968e987e74

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=15&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=63f4b553-1cf0-45ea-9717-7a8c7960391d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9146844730418653
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
acc070ea56e5a867d7740942fabbcef49bef8bf5185385887036d1a5222aa1d8

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=2&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=1583b952-40cd-4926-add1-e22164d55f59&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46597941460950043
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3223ec1e3d2d068cfc311ef86a848b42be83370d6f2d24fbf8b4406d77664ff3

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=15&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=42e3c583-dc79-4de3-88d2-3718abae13ea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8659324947787013
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9ba40420a8e6bab2ae6a4028bde206adaf4031a374f1d4fe7f5a9a9d4a093304

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=15&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=b15c66b3-4a2e-4d91-8512-b780aad56604&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31284630063107577
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8394833233d97e66fb53de49fcbe14f810c2ef0c96171b9bcc391a0a85ffc8ef

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=15&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=863b321e-d3bf-4d02-b409-a6607a881003&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5088523700816383
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
af3e87eca9a0439a9f9dfea8d59eae52eb0cb035775aebcc262eb8a4f2bf54bc

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=126386&zone_id=2263090&size_id=15&rf=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tk_flint=lmonebid_lite_v6.6.0&x_source.tid=b1e0ff5c-1b81-45b1-961e-4ab5f3007b1b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8138939151715823
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9ca861e8f5cfbccc42174e6a7d19d4e3f60045864d7ffef38c0c9c53e3e26720

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=79171390490
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:34 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		715 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&PublisherDomain=https%3A%2F%2Ftelegrafi.com
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
ae4086159cc7d5a2bf887fa1e511ad3288d7dfa48b5168e7c114c36987b1d365
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
15
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
715
expires
0
bid
central.gjirafa.com/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/bid
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d9a6c49e5aec0178d68762a6a1be2154f25a5b16fb21aa7250dfe1aace6f4899

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BI8vGPNcZLpBQvokYGhh4RxtgXKsSOMB90XZ8q7CleYXpxppogsVVhKJCT9I72iHUPWrQDMUnJF%2FC%2FLOvt1Zgfg7Z0f6xq4hiQyCMYGHZJT8DJzmYIrd60zYNmpZxIxdfAQyE90%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cf-ray
70ab57e46b2a918c-FRA
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.121.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.121.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.121.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.121.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.121.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.121.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.121.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.121.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-121-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
vary
Origin
/
hb.emxdgt.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1652444375670&src=pbjs
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
prebid
ib.adnxs.com/ut/v3/ 		41 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
39db8f017da79268762a8e797bd21e27f940f54780bb7481866c391e5bfad514
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
13b40bb5-e965-49d2-860e-18fba65aea2b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
24b5460600cc9a53b3815e2aa07e72c6453cee4b38da4358106f581d224afe00
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
439188dd-c8b3-42c5-9805-02c4c4eb30fa
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://telegrafi.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
brightcombid.marphezis.com/ 		0
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.163.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-163-155.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 13 May 2022 12:19:35 GMT
access-control-allow-credentials
true
server
nginx
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		171 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:34 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:34 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=62958804060
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
/
ghb.adtelligent.com/v2/auction/ 		16 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
1f16a2f34ecbf56fbf6139360f8cd57f6138c7948e6efa5db9300b96c8db7051

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 13 May 2022 12:19:36 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1343
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		718 B
770 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&PublisherDomain=https%3A%2F%2Ftelegrafi.com
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
13835382721bd17f6246fdd403c22aa56b6daadc3874659c8becd66229001fc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://telegrafi.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
718
expires
0
sync.php
pixel.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
js
www.google-analytics.com/gtm/ 		93 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MTCHQ67&cid=1338537763.1652444376
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7589dcfe629156349bb731aaf52b53fb39abd1660d75839519471634b15364c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37340
x-xss-protection
0
last-modified
Fri, 13 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 May 2022 12:19:35 GMT
sdk.js
connect.facebook.net/en_US/ 		285 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=63a69806b31c342505c4b9f385f729cd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90e4721a535dede6c81a4adca4fa0719ff1d9da417472d10d295912f243f7333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://telegrafi.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ytsYso1zWcVshxpgzB2Mcg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 13 May 2023 11:53:42 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
83795
x-fb-rlafr
0
x-fb-debug
hu5e5v5JP27ysF4uUCavjvCEZNgTdFd6R+tjrcaChY+C2r0uTjT7CRbC67wpTpPrSSsprJBJf5vcTWrpReg5Hg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
21914c1cc4cc45d2c5ebf8219400bc21
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 13 May 2022 12:19:35 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"7df503063ea20229415416e593e25fa6"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
260833360772983
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260833360772983?v=2.9.59&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
357b527cc71319c63e2c0765caf0b109980d8d1de6eafe199a32d165d5095b33
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
gW0jzu2ISOMkAsVvUZPlU5MrW7E2G2QziphJ1PTHi+gfXDWeKmYiStK5FvW6mJ/3/GosJ7KzdF7f3oXVKqAp1g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 13 May 2022 12:19:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1652444375842
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		52 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5d7077a30dfc7c91cff8cdb8af3b8db14ac790cf886d6127c2b4f63648cfa3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 20 May 2022 12:19:35 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:18:54 GMT
content-encoding
br
age
42
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 12 May 2022 12:12:36 GMT
server
AmazonS3
etag
W/"d1cd21eabed7b3f0b671004cf14ae9c1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
wpJShm6MsXwthqjC_dX4_07MeHHpmerZzMz9fD3gIOQJ_DiWwKWIjQ==
57708651-0-image-a-41_1652315817460-380x233.jpg
telegrafi.com/wp-content/uploads/2022/05/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/05/57708651-0-image-a-41_1652315817460-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
231af8336a1003af19d28ef34c03f756eebe7092c311d1d70cdead0f4d684f4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
180
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21867
pragma
public
last-modified
Fri, 13 May 2022 08:55:36 GMT
server
cloudflare
etag
"627e1d08-556b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAIneJoLYLr2Ggkv%2FlpuZyIM%2FmSJ792JaRbPszk13goFEsT%2Fh8yYkZADLhxEDtmQrku7nPNRZeIsZZ6w0fBnx0IKQYhI1vZbAc7dyoVIvEuTvFSbpnSV5KeL3Z9zHnESVCzqVevECjKZAh0B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 12:15:28 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a2f9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
H4Y7GD3ZEJEV5BU2RUHQJ74HUM-380x233.jpg
telegrafi.com/wp-content/uploads/2022/05/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/05/H4Y7GD3ZEJEV5BU2RUHQJ74HUM-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dff9e76c45db869dc68405f4bae8bd582e54a00444b664862f2af7bfdc21040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15709
pragma
public
last-modified
Fri, 13 May 2022 06:49:09 GMT
server
cloudflare
etag
"627dff65-3d5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6aPGFELS%2F%2Fo7sNZFSoGsp6HUYKbcigXUVBz%2FB3GKA%2B9s7QEt1BHE9yAcZfao5Woq6V%2F%2Bj2Pts97WA889Hn3Zo8eACmnsbw9S3JNLNdxOn1nShoL6RzMFoHinIZwJn%2B6YCLov5S%2B%2FHOmiH1I"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 12:15:22 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a349165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Cover-380x233.png
telegrafi.com/wp-content/uploads/2022/05/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/05/Cover-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d307deaa4953ef632d0ccaf98f4a73a6876e6eeb563c55c9749ef3991aff792b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
113567
pragma
public
last-modified
Fri, 13 May 2022 12:14:20 GMT
server
cloudflare
etag
"627e4b9c-1bb9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XX02InF2zwmvy5ng%2FzEaaMZmeUhzLj5WuVegNvWJQ2yL6BUG5zrvdac9jJ0pL65HoMaoNVKQbBIpJajIiHDpnNdHw%2FtiTAP5ozynKJ81Emwb1s%2FO%2BD%2F9WfwX2VWqTmfk5YK7sfKyYEtjkrIN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a369165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 May 2023 12:14:57 GMT
image-2-1-e1652444064415-380x233.jpg
telegrafi.com/wp-content/uploads/2022/05/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/05/image-2-1-e1652444064415-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
900f6778aee1fdf76ae86b61d6c96930e5f7a734d0ccbe783532d1d7ed990da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29772
pragma
public
last-modified
Fri, 13 May 2022 12:14:24 GMT
server
cloudflare
etag
"627e4ba0-744c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uFNGuIY2TfVsjNKFs3HNHUbWC0MrYNEwcy5dgCQ%2BNjJYzr5F36UScbeG0H4KA38BMdQU4Ox2OERnH2n1zhcXztnhNHVshkquiDjxd0hzl4a9vRGF4fVUTYvJyA36%2BE8beYlF4DU6yudn5zN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 12:14:52 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a389165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Paul-Pogba-F365-2-380x233.jpg
telegrafi.com/wp-content/uploads/2022/05/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/05/Paul-Pogba-F365-2-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81f689f91e61b156cdb6b77ec60f64c4690ba5e9fa52d6b58cec792da5f75840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
325
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16415
pragma
public
last-modified
Fri, 13 May 2022 12:13:17 GMT
server
cloudflare
etag
"627e4b5d-401f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zks8hstDTyr46kpIQV33BPvc0wI1C7hYZOuopzydunan0ca4xjP312CvFmaa9XTMTqj5EpvOU2CooJDnbchYlbxkKVe80TMHdQEsoKF3Ivsrgf1Jrd888h20ppJ5xk%2BBUoLaiif%2FhkhhTNLg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 12:14:11 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a3a9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
policia-kriminaliteti-mes-te-rinjve-1024x576-1-380x233.jpg
telegrafi.com/wp-content/uploads/2022/01/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/01/policia-kriminaliteti-mes-te-rinjve-1024x576-1-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd1b59ba1103c54edda8130f5e199e2eb1cf77f9a308235365be19637b51a89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12714
pragma
public
last-modified
Sun, 09 Jan 2022 20:22:32 GMT
server
cloudflare
etag
"61db4408-31aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ58tozCYGpeNIwtFPIonJ8K4foYW58N9J8onmgshCX9%2BEV5JGJzHll2bj47taHQXtMB23vqFBZa3cBsBC1V3FbYwCJjxBVrh%2FO5W31FZbpQ9Khz%2Feh%2FEPw8udGYoyshk%2FB%2BwN5eA6737GWF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 11:50:41 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a3e9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Screenshot_4-35-380x233.png
telegrafi.com/wp-content/uploads/2022/05/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/05/Screenshot_4-35-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3da7b90955f346ed6e01f14bdbd16bbe8c7a2df5061a3c3daa1f4021ae7931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109459
pragma
public
last-modified
Fri, 13 May 2022 08:07:33 GMT
server
cloudflare
etag
"627e11c5-1ab93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uljyn%2Bn1369gGziDFAn0RckCO5OGelCAqJjKI7qSUwwoIyUhYWCPxLEsOo7WZ1w4v%2Ban3tbK42MVIMPwDbMjdiZLoL65Ez5UlgyNGKJiZxqnIP6my0mj1sbGgJ1qKGrIVopEZ7lwWm0YmIAi"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a409165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 May 2023 12:02:17 GMT
Komisioni-p%C3%ABr-Antikorrupsion-1-380x233.jpg
telegrafi.com/wp-content/uploads/2019/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/05/Komisioni-p%C3%ABr-Antikorrupsion-1-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aeab092d4d2a48725bb8c1138d2c14674d8d555c33524057e851c1e36162d8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1015
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10038
pragma
public
last-modified
Wed, 22 May 2019 10:03:31 GMT
server
cloudflare
etag
"5ce51e73-2736"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEuF2BYfIv4xb%2BDFiBbpDMU5uidRWM5CsPbHRwQ9bCfZMVwWhK3A%2Bn71cV66eMS6ziyvv7We1%2FO5pWfRGzngIhvMEzAxWSXcg8zMo8zAiDqjt9JdFZ%2BSMOduWQPYER%2BNeeyJf0WOVhy5xpG3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 12:02:41 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a419165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
4-2-380x233.jpg
telegrafi.com/wp-content/uploads/2022/05/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/05/4-2-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60dbb3a246c0b3fb279be051340af0df8f14b44cb7394eaa4268c3e7fc9ade2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1303
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20589
pragma
public
last-modified
Fri, 13 May 2022 11:57:31 GMT
server
cloudflare
etag
"627e47ab-506d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpWaHghWOhoncJNB5IwQrNxiVYPUlnk4%2FN%2FUSMMM9bWXWApUt%2FtflB9x%2BVEbcBY%2FqW5vSw%2BOSVX1rdcLirNxPuJo%2BJ4UhwxcSKv6AtbyYG5Z3gGu1ZzmRnUyA2WUp7g5iJyJ7%2Fz7%2F3gr6cA9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 11:57:42 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a439165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
WhatsApp-Image-2022-05-12-at-7.10.05-PM-1-380x233.jpeg
telegrafi.com/wp-content/uploads/2022/05/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/05/WhatsApp-Image-2022-05-12-at-7.10.05-PM-1-380x233.jpeg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3993c1b94d20a3a33396c103e42205b1c539994777cf512c07636cf7cc4944d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1422
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19037
pragma
public
last-modified
Fri, 13 May 2022 11:52:42 GMT
server
cloudflare
etag
"627e468a-4a5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BR6ZflczLNJ4tTIIhx6z7cBsKp2Hiyf1vn1Pu5tT2X9JGNyILCU7AhgWCXhEhvGTnNTz1CAOOP%2FCAVL8z2g3ngqg1vcob3bNZCJcxRkapF%2BUqo7JFDmuiw7d1t%2FLDHFYgtkIyUzDXaCmentW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 11:55:20 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e67a459165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Lukaku-1-380x233.jpg
telegrafi.com/wp-content/uploads/2022/04/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/04/Lukaku-1-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a64301a3bb604a917ef4002e9df84ce459d8c6eb9bc11a1fad5ac665a060a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1753
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22493
pragma
public
last-modified
Sun, 03 Apr 2022 12:29:47 GMT
server
cloudflare
etag
"6249933b-57dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWSn13%2FvtlKL3VL5Rzzg5t8P6UdwY%2Bwi8X1IlPjJtbDdLZsRyx6g2I7FNk%2FnXLiBAWq9szbGXYKIhACdS06c2C5NigXCx%2B34wOtfdYp1kVavMlOmns6OetkEkFn9MZZYCyEbqj7%2B8ky4U%2FRP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 11:49:17 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e69a7d9165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
Arrest-1-380x233.jpg
telegrafi.com/wp-content/uploads/2020/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2020/02/Arrest-1-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf531a5bf5f88c33ba1aadd0f95a1b65de88fdee6f3957396abf9d561c085f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16920
pragma
public
last-modified
Fri, 14 Feb 2020 08:39:50 GMT
server
cloudflare
etag
"5e465cd6-4218"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9HCTNfDlCg70vxdj6cevYtGJccoZNa5wSY3RTte3evnusNCBEbWvYWQeLqooQe4NPIiCjMT0L%2F%2Bvu1EP3j78zj2Vd%2F4HmP5yo%2Fan10fZziLq5EOLnS7lnwNohHcs0uBYuw9CM2lfL7BpgJ8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 13 May 2023 11:42:36 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e69a819165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
h2pri
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GGFDBX585G&gtm=2oe5b0&_p=501304659&_z=ccd.tfB&cid=1338537763.1652444376&ul=en-us&sr=1600x1200&_s=1&sid=1652444375&sct=1&seg=0&dl=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&dt=Page%20not%20found%20-%20Telegrafi&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cntcm.aspx
ads.futureads.io/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=6b67fbc3-273b-402c-ac24-9bfc46f302c0&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&pv=1&referrer=&page=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.106 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://telegrafi.com
Date
Fri, 13 May 2022 12:19:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
dmpapxl.aspx
ads.futureads.io/ 		43 B
462 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpapxl.aspx?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&referrer=&page=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.106 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Cache-Control
no-store
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
cntdata.aspx
ads.futureads.io/ 		48 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntdata.aspx?query=visitorid&containeroid=b1c6b850-d671-4b42-ad56-9bafbee994c0&referrer=&pageurl=https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.106 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
9b213099bc3df80501634f76b0c9e5f54935ef942bb0e49dc1e883b2c9c93911
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Keep-Alive
timeout=25
X-XSS-Protection
0
es6_452a4b73fdc057ec6747.js
s1.v-player.net/player/stable/ 		916 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.v-player.net/player/stable/es6_452a4b73fdc057ec6747.js
Requested by
Host: s1.v-player.net
URL: https://s1.v-player.net/player/stable/html5player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
9a01cf7070ca19a8f1c9c0539792449682d92dd5e57cf56609bf706364355f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 11:41:13 GMT
Server
nginx
ETag
W/"5f8eccd9-e4f0e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 14 May 2023 12:19:35 GMT
telegrafi.com.js
u.heatmap.it/conf/ 		42 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/conf/telegrafi.com.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f0568e02c27cc010bb576b17ef309c9c6cfba9a70a1cf6788e4cc453d5b1681a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:01 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
x-cdn-pop
sbg
accept-ranges
bytes
content-length
47
x-request-id
445875811
expires
Fri, 13 May 2022 12:24:01 GMT
dmpapxl.aspx
ads.futureads.io/ 		43 B
462 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpapxl.aspx?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&referrer=&page=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.106 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:35 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Cache-Control
no-store
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
cntcm.aspx
ads.futureads.io/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=ee60cece-c18b-4fae-a293-37335c252d69&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&pv=1&referrer=&page=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.106 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://telegrafi.com
Date
Fri, 13 May 2022 12:19:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
213794966
fundingchoicesmessages.google.com/i/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051001.js?cb=31067572
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7bc4eff8a3e4083678781ca226df4d259884a2aae900e877353260b824f17efb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4dZPHZhTV2GyAXY--BcUZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-4dZPHZhTV2GyAXY--BcUZQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4dZPHZhTV2GyAXY--BcUZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-4dZPHZhTV2GyAXY--BcUZQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Fri, 13 May 2022 12:19:35 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
267681
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx411cc42725984708b1054-00627a3731
x-amz-id-2
tx411cc42725984708b1054-00627a3731
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gWPPuGbQN6vCnBEXGiLtGJTfXuBvj0psyfkWJQgEzgoTJrJ7LSIjrH2EOThsHXlEz6j2G9HyXRRkhByugoBow%2BjUOQFr%2BYCSWLXt2xyo1h1fWhPGjNLhC3qditftXO6Gn0wNhKQW7AT2E5t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
70ab57e56b28995a-FRA
access-control-allow-headers
Authorization
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b766a9a157a6676c52ce841eccc4f3f7cf70532870a8c9db743733e8337e35a8

Request headers

Accept
application/json, text/plain, */*
Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 03:00:41 GMT
content-encoding
br
age
33535
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 04 May 2022 19:52:29 GMT
server
AmazonS3
etag
W/"158b40c148433f812fa5da920080c7db"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
OuBLF54Z6UN5RIY_JEg7a2yzjPTp3Nuq
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA60-P4
content-type
application/json
x-amz-cf-id
HJUjH50TN6YqUMHO8pZ9a6grD1mFDz-rI3zNe8T3Lhse0BnWpqlNLg==
pv
eu6.heatmap.it/log/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu6.heatmap.it/log/pv?pid=4408&u=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&tpl=.&pt=Page%20not%20found%20-%20Telegrafi&t=360080
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.202.74.47 , France, ASN16276 (OVH, FR),
Reverse DNS
eu6.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:36 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 13 May 2022 12:19:35 GMT
rules-p-5DC2nemX4YAUu.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-5DC2nemX4YAUu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 11:25:16 GMT
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
server
AmazonS3
age
3258
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P4
content-length
2
x-amz-cf-id
yIu8l8Me6fZPSpO_bu0XWM0MghOUS_RRjRsok5sO7a8daWvMuvGYug==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=501304659&t=pageview&_s=1&dl=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Telegrafi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAAC~&jid=1735866994&gjid=943770426&cid=1338537763.1652444376&tid=UA-2976507-1&_gid=2072127264.1652444376&_r=1&_slc=1&z=1139655640
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=220167648175857&input_token&origin=1&redirect_uri=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=63a69806b31c342505c4b9f385f729cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
nvZ/iNm3jYyFNRTbwFMTJUFvz/RzVfy2tBx7lZ1k2KjAYJrBAvMV6qlro5WvRRsedOman4aHF1yfUyKd8y8YtA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Fri, 13 May 2022 12:19:36 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://telegrafi.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=220167648175857&ev=fb_page_view&dl=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&rl=&if=false&ts=1652444375909&sw=1600&sh=1200&at=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 13 May 2022 12:19:35 GMT
cntcm.aspx
ads.futureads.io/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=ee60cece-c18b-4fae-a293-37335c252d69&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&userid=c30b53a50ce44d13950e8c059ea8d199
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.106 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260833360772983&ev=PageView&dl=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&rl=&if=false&ts=1652444375931&sw=1600&sh=1200&v=2.9.59&r=stable&ec=0&o=30&fbp=fb.1.1652444375929.1141986755&it=1652444375735&coo=false&rqm=GET
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 13 May 2022 12:19:35 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2976507-1&cid=1338537763.1652444376&jid=1735866994&gjid=943770426&_gid=2072127264.1652444376&_u=KGBAAEACQAAAAC~&z=1594050560
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 May 2022 12:19:36 GMT
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/41/ 		229 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/41/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
934d35d5422b86b726784254cba34432d58cb349c34b3ec4ea01dd7f66cb9ce5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 12:13:47 GMT
content-encoding
br
age
86749
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 12 May 2022 12:12:03 GMT
server
AmazonS3
etag
W/"3fde72824266a05eae8a5dd9624fa72f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
2e0fga92Xsmt4uqeKNKUu6chn38yxevUzlw3-hb6owkR2PrkHHUUTQ==
vendor-list-trimmed-v1.json
quantcast.mgr.consensu.org/GVL-v2/ 		297 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:8000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f72c16ecf6e8deba68539911cd639b96ea0a92a44fee56d3965e93242181a56f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 03:00:39 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
33538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 13 May 2022 03:00:34 GMT
server
AmazonS3
etag
W/"1d25ad78e3eb5998cf69d781120fe439"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
Mtz4M9XaIlcQBB3BVs0RwycGiB-B-MMSAm-rR7hQhoBSMOFvto_frQ==
AGSKWxXF3R8cfGxl8bN7UK74p5L79I-ZFo0qyYyuhpKnEOZ0yPgxDZK8JqhpwRMNjuW2D3-_EdLDuicPn0lK-tHnzog=
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXF3R8cfGxl8bN7UK74p5L79I-ZFo0qyYyuhpKnEOZ0yPgxDZK8JqhpwRMNjuW2D3-_EdLDuicPn0lK-tHnzog=?pvid=87B95BF4-A448-4F67-8FF5-73489091D539&anonid=A10871C6-3F26-4F00-B2C0-4F8AB1687AE0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.dgv3Scd_py0.es5.O/d=1/rs=AJlcJMy7f0oj6QRLJZ64i3F4veOziJneBg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rg1IOyGjQpVI5A5Z_dTsOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rg1IOyGjQpVI5A5Z_dTsOw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
https://telegrafi.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-rg1IOyGjQpVI5A5Z_dTsOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rg1IOyGjQpVI5A5Z_dTsOw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%225DC2nemX4YAUu%22%2C%22domain%22%3A%22telegrafi.com%22%2C%22publisher%22%3A%22Telegrafi%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.41%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%225cgHr8lNOUMyKG0uXbj0jQ%22%2C%22clientTimestamp%22%3A1652444376017%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-a9i07vqjj02mlo5mgjmr%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/41/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.92.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-92-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 13 May 2022 12:19:36 GMT
content-length
2
content-type
text/plain; charset=utf-8
telegrafi_logo.png
telegrafi.com/wp-content/uploads/2017/02/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/02/telegrafi_logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54bf38cbd1e24686b4d06e6eef66bdabe95db066455b22dfcf30a94d52fb9d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9348624
cf-polished
origSize=17280, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2344
pragma
public
last-modified
Sun, 12 Feb 2017 14:51:09 GMT
server
cloudflare
etag
"58a0765d-4380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BT4Pq2jOkALGCuGx8xmf2wE745Ev876TCMl3obnUUEJhBAhxmk8It4Bry%2BA3kgRehu%2F5NTN2wq483g8d%2FsUvef6X9%2F0LB%2BgxftdkWnmaVQ6guyOxm2FY45%2FCek6bViWOYDoVri0yEiel%2Bff"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Wed, 25 Jan 2023 06:11:11 GMT
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
70ab57e82de09165-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj
imgq:100,h2pri
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2976507-1&cid=1338537763.1652444376&jid=1735866994&_u=KGBAAEACQAAAAC~&z=1202145857
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2976507-1&cid=1338537763.1652444376&jid=1735866994&_u=KGBAAEACQAAAAC~&z=1202145857
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get_info
bot.webpushr.com/prompt/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bot.webpushr.com/prompt/get_info
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.225.42.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0274be65e836d01596bcb9487fbfaa5b980bdb4fadaa9cfd18ad085b5ac66436

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 13 May 2022 12:19:36 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
X-Fastcgi-Cache
HIT
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
server_name
lookup4
session
analytics.webpushr.com/impression/ 		0
536 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.webpushr.com/impression/session
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.68.235.115 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 13 May 2022 12:19:36 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
1
serving.stat-rock.com/v1/placements/jBsDrr2VjZQa/code/js/ 		1 KB
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/v1/placements/jBsDrr2VjZQa/code/js/1?url=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&b=0.5192198328084554
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
4e6b0d422bfde0bcc6d7b4937b8d23b99619ad8f58490d146d51991c54094739

Request headers

Accept
*/*
Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:36 GMT
content-encoding
gzip
server
nginx
srvb
127.0.0.1:8082
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://telegrafi.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
srvf
199.101.135.227
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260833360772983&ev=Microdata&dl=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&rl=&if=false&ts=1652444376434&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20not%20found%20-%20Telegrafi%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22object%22%2C%22og%3Atitle%22%3A%22Page%20not%20found%22%2C%22og%3Asite_name%22%3A%22Telegrafi%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fwww.telegrafi.com%2Fwp-content%2Fuploads%2F2016%2F03%2F00.Telegrafi.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.59&r=stable&ec=1&o=30&fbp=fb.1.1652444375929.1141986755&it=1652444375735&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 13 May 2022 12:19:36 GMT
AGSKWxUenWVCTrccfBLMD_amLMIaDD11cWhhzCau-IsDx6qbDD-pp3pUeKmYmX0YiRYUGXY7TZ2QWrJ0c9IlPsDT2wk=
fundingchoicesmessages.google.com/f/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUenWVCTrccfBLMD_amLMIaDD11cWhhzCau-IsDx6qbDD-pp3pUeKmYmX0YiRYUGXY7TZ2QWrJ0c9IlPsDT2wk=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNDQ0Mzc2LDQ5MTAwMDAwMF0sIjg3Qjk1QkY0LUE0NDgtNEY2Ny04RkY1LTczNDg5MDkxRDUzOSIsIkExMDg3MUM2LTNGMjYtNEYwMC1CMkMwLTRGOEFCMTY4N0FFMCIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLGZhbHNlLGZhbHNlXSwiaHR0cHM6Ly90ZWxlZ3JhZmkuY29tL3B5cGVyLXZqZW4ta2FtcGFuamVuLXRlLXJlLXBlci1odWx1bXRpbWUvJmRhdGE9MDUiLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.dgv3Scd_py0.es5.O/d=1/rs=AJlcJMy7f0oj6QRLJZ64i3F4veOziJneBg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a5216e276c2215dd38ed12219c86f3c67b16954ce310f64021884b335695c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vtdKd16d3mhns_XJA5YCyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-vtdKd16d3mhns_XJA5YCyw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vtdKd16d3mhns_XJA5YCyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-vtdKd16d3mhns_XJA5YCyw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Fri, 13 May 2022 12:19:36 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX71kkclaed_KKYMnngnpdLeorZzbWhctc9HbsOKm7Cd2ofh6bLCNZf0_zMBiiORRbLZ0sjdZ7cdf98FrytieK0D-1kOofGADDIr21zNLtIe5A00qfJJT1iENhAyHcH3QMEay7fkJYE0UPAgZnVhdfl64NLhVLF9vX6B9kW9xLeDewkpwELOUHAX2O8
fundingchoicesmessages.google.com/f/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX71kkclaed_KKYMnngnpdLeorZzbWhctc9HbsOKm7Cd2ofh6bLCNZf0_zMBiiORRbLZ0sjdZ7cdf98FrytieK0D-1kOofGADDIr21zNLtIe5A00qfJJT1iENhAyHcH3QMEay7fkJYE0UPAgZnVhdfl64NLhVLF9vX6B9kW9xLeDewkpwELOUHAX2O8?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUyNDQ0Mzc2LDYwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwwLDBdLCJodHRwczovL3RlbGVncmFmaS5jb20vcHlwZXItdmplbi1rYW1wYW5qZW4tdGUtcmUtcGVyLWh1bHVtdGltZS8mZGF0YT0wNSIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.tvNDj5vT5BA.es5.O/d=1/rs=AJlcJMwKeT4EfvKcVFdnbTl5PKwCE1QDEQ/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ba4a1cbc55c065d56c6d29e697e81266caae4f2c075fa36a40f09035cc6c845
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fVzAVMec0-oP1SaU_VObeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fVzAVMec0-oP1SaU_VObeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-fVzAVMec0-oP1SaU_VObeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fVzAVMec0-oP1SaU_VObeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Fri, 13 May 2022 12:19:36 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
prompt
analytics.webpushr.com/impression/ 		0
536 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.webpushr.com/impression/prompt
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.68.235.115 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 13 May 2022 12:19:36 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://telegrafi.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
BHHIF6zTiF.png
cdn.webpushr.com/siteassets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.webpushr.com/siteassets/BHHIF6zTiF.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.101.145.111 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
2daae0c04eed05f051bccd667c1defc815d84ebd5474f897300d84fbf71b4104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
last-modified
Fri, 06 Aug 2021 09:55:37 GMT
server
nginx/1.16.1
etag
"610d0719-c1b"
content-type
image/png
access-control-allow-origin
*
x-gg-cache-status
HIT
accept-ranges
bytes
content-length
3099
1
serving.stat-rock.com/v1/log/js/ 		35 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=&type=ERROR&placementId=initError&tagId=&message=init%20element%20is%20null&u=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&t=404&v=108&w=l5Z1JGualgXm&r=0.9942455335399525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://telegrafi.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
https://telegrafi.com
date
Fri, 13 May 2022 12:19:36 GMT
srvf
199.101.135.227
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
pv
bisko.gjirafa.com/ 		68 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/pv?t=1652444376737&guid=0e6937a5b6114edb81eef5115cac081da2e3b1db841a41ceab7b633d384efc76&sd=d109053f2d2946d08f9fb39a3638d2ce&c=%5B%5D&tg=%5B%5D&tt=Page%20not%20found%20-%20Telegrafi&u=https%3A%2F%2Ftelegrafi.com%2Fpyper-vjen-kampanjen-te-re-per-hulumtime%2F%26data%3D05&r=&bl=en-US&sw=1600&sh=1200&h=2&v=6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:36 GMT
x-aspnetmvc-version
5.2
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvC6a9WAwLpece81PWck6pEaVQrG4MqfnFDwBKSamrDLahElVXPUZmZZvz5HlsD%2BiKjcPxuLxsTwyMwUDr88QOTTaZ5kr1pXOgFMYo4aNFBNKddMokVB4FkzmPRcdMZS6qys"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-cache-status
DYNAMIC
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
70ab57eab8b0918c-FRA
content-length
68
graphql
s333.adxpremium.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegrafi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-allow-methods
HEAD, GET, POST
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
content-length
0
date
Fri, 13 May 2022 12:19:38 GMT
x-graphql-event-stream
/graphql/stream
graphql
s333.adxpremium.services/ 		84 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash
59301f0b61dfd75c0e86f82e6e2c5c6006be7b9ffe0b96c44dbad2f59aa6ed15

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 May 2022 12:19:38 GMT
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length
84
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:38 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 May 2022 12:19:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:38 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 May 2022 12:19:38 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:38 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 May 2022 12:19:38 GMT
graphql
s333.adxpremium.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://telegrafi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
access-control-allow-methods
HEAD, GET, POST
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
content-length
0
date
Fri, 13 May 2022 12:19:39 GMT
x-graphql-event-stream
/graphql/stream
graphql
s333.adxpremium.services/ 		84 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s333.adxpremium.services/graphql
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.228.222.122 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3189334.ip-152-228-222.eu
Software
/
Resource Hash
fe6caf5b135fb565f8850fb6cdbcffb44ec53a29a8f71af6660d251b48cd4a08

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 May 2022 12:19:39 GMT
access-control-allow-methods
HEAD, GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-GraphQL-Event-Stream
x-graphql-event-stream
/graphql/stream
access-control-allow-headers
Origin, X-Requested-With, Accept, Authorization, X-Apollo-Tracing, Content-Type, Content-Length, X-PostGraphile-Explain
content-length
84
/
csync.smilewanted.com/ Frame 6440 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d22aa3a1f099b6aeedd26460b98e018577711448d2a9444b64ea7e9db537734

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab57fc79bb9078-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3E77 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 May 2022 12:19:39 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame D1B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13396601
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 13 May 2022 12:19:39 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap4ams1
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://sync.1rx.io/usersync2/vidoomy?redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/vidoomy?zcc=1&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DUN%26uid%3D%5BRX_UUID%5D&cb=1652444379665
  • https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=OPTOUT
43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=OPTOUT
Protocol
H2
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:39 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://a.vidoomy.com/api/rtbserver/cookie?i=UN&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D&ox_sc=1
  • https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=9e63a5ae-c0c9-4ae0-8bf3-97f89fb2a72f
0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=9e63a5ae-c0c9-4ae0-8bf3-97f89fb2a72f
Protocol
H2
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://a-prebid.vidoomy.com/setuid?bidder=openx&uid=9e63a5ae-c0c9-4ae0-8bf3-97f89fb2a72f
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
tcm7pkstpvo9bn6d11rauvkpfka7kcfd
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6163704074361520115
0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6163704074361520115
Protocol
H2
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:39 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bb5c3359-f806-4ec4-9644-d0f9f8a89835
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6163704074361520115
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dbf245678-717c-4a8e-8093-d41df478d7b...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=49c7627e-4cdc-4f00-8b25-a575e1a75309&expires=30&ssp=vidoomy&bsw_param=bf245678-717c-4a8e-8093-d41df478d7b7&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bf245678-717c-4a8e-8093-d41df478d7b7
43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bf245678-717c-4a8e-8093-d41df478d7b7
Protocol
H2
Server
3.67.18.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-18-163.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=bf245678-717c-4a8e-8093-d41df478d7b7
Date
Fri, 13 May 2022 12:19:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 6440 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1394162
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
70ab57fcda819078-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usync.js
eus.rubiconproject.com/ Frame 3E77 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23105
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Fri, 13 May 2022 18:44:44 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame B24D 		0
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab57fd2b229078-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
setuid
ib.adnxs.com/prebid/ Frame C692
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8847d75ec7a498862ca0ce6207f6ccb
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8847d75ec7a498862ca0ce6207f6ccb
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
cc727783-d18b-4e53-a524-f6cc3c83a3bc
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 13 May 2022 12:19:39 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab57fd2b259078-FRA
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b8847d75ec7a498862ca0ce6207f6ccb
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 8B89 		1 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70ab57fdef099b82-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
getuid
sync.smartadserver.com/ Frame C114
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 13 May 2022 12:19:39 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Fri, 13 May 2022 12:19:39 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
7840b23c-8877-4e1d-982e-70956be86422&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 31FC
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/7840b23c-8877-4e1d-982e-70956be86422&partner_id=1010
0
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/7840b23c-8877-4e1d-982e-70956be86422&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab57ff7f399078-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 13 May 2022 12:19:40 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/7840b23c-8877-4e1d-982e-70956be86422&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1
sync-eu.connectad.io/syncer/ Frame F0F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
70ab57fe68089b82-FRA
date
Fri, 13 May 2022 12:19:39 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/ Frame BF19 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 10B3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=57173
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 14 May 2022 04:12:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame E6EA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
0
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab57ffe80f9078-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
282
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 13 May 2022 12:19:40 GMT
Expires
Fri, 13 May 2022 12:19:40 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
f669bec8-d2b6-11ec-a4c8-1e3504c40206
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 2A64
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=f669bf39-d2b6-11ec-a4c8-1e3504c40206
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/f669bec8-d2b6-11ec-a4c8-1e3504c40206
0
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/f669bec8-d2b6-11ec-a4c8-1e3504c40206
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab580068ed9078-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 13 May 2022 12:19:40 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/f669bec8-d2b6-11ec-a4c8-1e3504c40206
Server
nginx
X-fe
38
sync.html
s.adtelligent.com/ Frame 443E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
6afb93bcc848a56418d301ad7bfa8d46dd988771d0c1f926b1674e9205c51663

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://telegrafi.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
953
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 May 2022 12:19:39 GMT
Server
Adtelligent
X-Robots-Tag
noindex
check.html
biddr.brealtime.com/ Frame C654 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
2326
CF-Cache-Status
HIT
CF-RAY
70ab58000d2f9119-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 13 May 2022 12:19:40 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Fri, 13 May 2022 13:19:40 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
/
ads.us.e-planning.net/uspd/1/ Frame 2EEC
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/telegrafi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
af522b79dcd32d94a0fde8c26ab49914ba03786017894dc77aca36cb795d4892

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 13 May 2022 12:19:40 GMT
expires
Fri, 13 May 2022 12:19:40 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-607

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 13 May 2022 12:19:40 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-607
PugMaster
image6.pubmatic.com/AdServer/ Frame 10B3 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93584504&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0a12056d412365695a1ae79cdfb08869b7071e7d871a1a2e46eac7a73d2c859c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
2c2aaa06-1829-4524-a981-5a68cb000eaf
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 92B7
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/loopme/2c2aaa06-1829-4524-a981-5a68cb000eaf?gdpr_consent=null&gdpr=0
0
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/loopme/2c2aaa06-1829-4524-a981-5a68cb000eaf?gdpr_consent=null&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab580038989078-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 13 May 2022 12:19:40 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/loopme/2c2aaa06-1829-4524-a981-5a68cb000eaf?gdpr_consent=null&gdpr=0
server
_
y-uSRmrq1E2uEbON9wAOaYLIw0_EOwsIEv9qdTFwY-~A&gdpr=0&gdpr_consent=
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame F82F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=&verify=true
  • https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-uSRmrq1E2uEbON9wAOaYLIw0_EOwsIEv9qdTFwY-~A&gdpr=0&gdpr_consent=
0
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-uSRmrq1E2uEbON9wAOaYLIw0_EOwsIEv9qdTFwY-~A&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab5800c9899078-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

age
0
content-length
0
date
Fri, 13 May 2022 12:19:40 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-uSRmrq1E2uEbON9wAOaYLIw0_EOwsIEv9qdTFwY-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
match
c1.adform.net/serving/cookie/ Frame 3B99
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 13 May 2022 12:19:40 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 13 May 2022 12:19:40 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8220
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c06f627e-4cdc-4900-aef7-c604f3ae0a3e&gdpr=0&gdpr_consent=
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c06f627e-4cdc-4900-aef7-c604f3ae0a3e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 May 2022 12:19:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 13 May 2022 12:19:40 GMT
Expires
Fri, 13 May 2022 12:19:39 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4390 fb8620d master pao-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c06f627e-4cdc-4900-aef7-c604f3ae0a3e&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame A79D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1982633210603718650
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1982633210603718650
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 13 May 2022 12:19:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug013:0:559

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1982633210603718650
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 6BFF 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 13 May 2022 12:19:39 GMT
expires
Fri, 13 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
466636
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 75D2 		0
542 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
70ab580038959078-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 10B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x8TSy7GqTvK-hQFcH2OIWg%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=x8TSy7GqTvK-hQFcH2OIWg%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=57173
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 14 May 2022 04:12:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 10B3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4e28627e-4cdc-4300-9c0f-62ebb45165d7
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4e28627e-4cdc-4300-9c0f-62ebb45165d7
Protocol
H2
Server
104.36.113.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:58:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 13 May 2022 12:19:40 GMT
Server
MT3 4390 fb8620d master pao-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4e28627e-4cdc-4300-9c0f-62ebb45165d7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 13 May 2022 12:19:39 GMT
generic
match.adsrvr.org/track/cmf/ Frame 10B3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5af9c02020ca98b5a09e0bafbbb87d7b&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 10B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzdDNEQyQ0ItQjFBQS00RUYyLUJFODUtMDE1QzFGNjM4ODVB&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzdDNEQyQ0ItQjFBQS00RUYyLUJFODUtMDE1QzFGNjM4ODVB&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug014:0:511
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 10B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECRRXI6wzloJmWm3OGBxh5k&google_cver=1
42 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECRRXI6wzloJmWm3OGBxh5k&google_cver=1
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 03:04:56 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug023:0:390
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECRRXI6wzloJmWm3OGBxh5k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 10B3 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 12 May 2022 12:19:40 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 10B3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=287918371402942664
42 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=287918371402942664
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:372
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=287918371402942664
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 10B3 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 10B3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163704074361520115&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163704074361520115&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug007:0:322
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
33ebe5e4-5061-451c-b1eb-722696cf17a6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6163704074361520115&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 10B3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tluRH7QKwhmtW8AftFiLGeZakhytDZAb5V7zjXPc
42 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tluRH7QKwhmtW8AftFiLGeZakhytDZAb5V7zjXPc
Protocol
H2
Server
104.36.113.107 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:39 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug012:0:382
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tluRH7QKwhmtW8AftFiLGeZakhytDZAb5V7zjXPc
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame 2EEC 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dc9c49971c03e33da
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 2EEC 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc9c49971c03e33da%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
mja4qnoohiv26k6ouplobvnh3u5d4lmq
ptag
a.audrte.com/ Frame 2EEC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
781e67ecb2f9e56a60b2e356544fddea7f6b4bcb9b63fa3d19675112b0081826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 2EEC 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:39 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 12 May 2027 12:19:39 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 2EEC
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dc9c49971c03e33da
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 13 May 2022 12:19:40 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 2EEC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc9c49971c03e33da%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c9c49971c03e33da&uid=6163704074361520115
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c9c49971c03e33da&uid=6163704074361520115
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
03feb559-8c43-4639-baf1-e94fcaf163a9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c9c49971c03e33da&uid=6163704074361520115
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A7C7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 May 2022 12:19:40 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 13 May 2022 12:19:40 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F28 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc9c49971c03e33da%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=57173
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 14 May 2022 04:12:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame A167 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
821b0736c0dc4bdbfcb33247fd879a1a50b016418d6be525157cfb01511d3369

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1808
Content-Type
text/html
Date
Fri, 13 May 2022 12:19:40 GMT
Dropped-Udsids
230|45|241|39|13|31|73|109
Expires
Fri, 13 May 2022 12:19:40 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame CE0E 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 13 May 2022 12:19:40 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-tsc
1641922229
x-cf1
29080:fB.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame AF20 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 07BC 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603a2b6205b1fe814564ceca9ea5bf433c71bdc60ffe1e2275a0f94d9bec03ae

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
70ab5800d880922b-FRA
content-encoding
br
content-type
text/html
date
Fri, 13 May 2022 12:19:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame 3E77
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM0RVBTSkItMTEtNEFVWQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM0RVBTSkItMTEtNEFVWQ==
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM0RVBTSkItMTEtNEFVWQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 3E77
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L34EPSJB-11-4AUY
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L34EPSJB-11-4AUY
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 847672642EC84CFC83E7D7A8E3FCEFEF Ref B: FRAEDGE1513 Ref C: 2022-05-13T12:19:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXe47BQopp4FLm+FNZVVA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L34EPSJB-11-4AUY
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 3E77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 3E77
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OGj7KRFQSZO8XZwTpTPBWQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OGj7KRFQSZO8XZwTpTPBWQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OGj7KRFQSZO8XZwTpTPBWQ
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KAN13Q9RZYPX2B57M7J4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OGj7KRFQSZO8XZwTpTPBWQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3E77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAiYiX9jgnMFxcdF3EbcZKU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAiYiX9jgnMFxcdF3EbcZKU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAiYiX9jgnMFxcdF3EbcZKU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 3E77 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3E77
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xqTUaeZaST2UrO5b3Fr6gA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xqTUaeZaST2UrO5b3Fr6gA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xqTUaeZaST2UrO5b3Fr6gA
Protocol
HTTP/1.1
Server
54.239.38.253 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WCQ47K6SM34CAJCGWQA5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xqTUaeZaST2UrO5b3Fr6gA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3E77
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM3YjZmMTY0MzE1MDNlNzc3ZTgyNmViZjhlNTI0Njg1ZDM5ODU0Zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM3YjZmMTY0MzE1MDNlNzc3ZTgyNmViZjhlNTI0Njg1ZDM5ODU0Zg
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjM3YjZmMTY0MzE1MDNlNzc3ZTgyNmViZjhlNTI0Njg1ZDM5ODU0Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame A7C7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23104
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Fri, 13 May 2022 18:44:44 GMT
getuid
ib.adnxs.com/ Frame 07BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 07BC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=b2c3e51f-1ec6-4deb-8394-2050858db466&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b2c3e51f-1ec6-4deb-8394-2050858db466&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab58020a13922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=b2c3e51f-1ec6-4deb-8394-2050858db466&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 07BC 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 07BC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 07BC 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1652444380.403026,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4051-HHN
u
dmp.v.fwmrm.net/ad/ Frame 07BC 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f01:46b:43f6:5ec6:edd4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 07BC 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836b7b7b-9d12-4c6b-4748-255e9ea63be0%26reqId%3Da34eb838-85c6-48fc-660a-756f74745b03%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=a3ff1921-725c-47ff-a211-67c85ab219e6&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a3ff1921-725c-47ff-a211-67c85ab219e6&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab5802ab39922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=a3ff1921-725c-47ff-a211-67c85ab219e6&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=836b7b7b-9d12-4c6b-4748-255e9ea63be0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=836b7b7b-9d12-4c6b-4748-255e9ea63be0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=08249807800535779361458888018642454960&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=08249807800535779361458888018642454960&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab5802ab36922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v031-0e26d5ed9.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
eBrtIqvaT/o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=08249807800535779361458888018642454960&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 07BC 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 -, , ASN (),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=836b7b7b-9d12-4c6b-4748-255e9ea63be0&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022051314-65111-0.590035001652444371-8db7f343ccd5a2c1f8a1f29934633aae&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022051314-65111-0.590035001652444371-8db7f343ccd5a2c1f8a1f29934633aae&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab58021a25922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022051314-65111-0.590035001652444371-8db7f343ccd5a2c1f8a1f29934633aae&zdid=533&env=mWeb
Date
Fri, 13 May 2022 12:19:31 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7097194570572429457&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7097194570572429457&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab5801b9a7922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7097194570572429457&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Date
Fri, 13 May 2022 12:19:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 07BC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=836b7b7b-9d12-4c6b-4748-255e9ea63be0
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=836b7b7b-9d12-4c6b-4748-255e9ea63be0
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=836b7b7b-9d12-4c6b-4748-255e9ea63be0
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Server
35.227.248.159 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=836b7b7b-9d12-4c6b-4748-255e9ea63be0
date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=836b7b7b-9d12-4c6b-4748-255e9ea63be0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=836b7b7b-9d12-4c6b-4748-255e9ea63be0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=AvhnOLqPEfJGaF78eb2h3e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=AvhnOLqPEfJGaF78eb2h3e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab58027aaa922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
last-modified
Fri, 13 May 2022 12:19:40 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=AvhnOLqPEfJGaF78eb2h3e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 07BC 		36 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=836b7b7b-9d12-4c6b-4748-255e9ea63be0&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-length
36
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=836b7b7b-9d12-4c6b-4748-255e9ea63be0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=836b7b7b-9d12-4c6b-4748-255e9ea63be0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab58042d82922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.23.187
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-k_Bdz0pE2opqeXMsIvkxslC1CCQb8fY0dQ--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-k_Bdz0pE2opqeXMsIvkxslC1CCQb8fY0dQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab5803fd2d922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 13 May 2022 12:19:40 GMT
via
http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-k_Bdz0pE2opqeXMsIvkxslC1CCQb8fY0dQ--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MczPHthnmRW5KvIFTDWqRrQjOCc0AgyH%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MczPHthnmRW5KvIFTDWqRrQjOCc0AgyH%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab5803dcfe922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=MczPHthnmRW5KvIFTDWqRrQjOCc0AgyH%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame 07BC 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.64.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1652444380
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 07BC 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=836b7b7b-9d12-4c6b-4748-255e9ea63be0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yn5M3AABAaAyBQAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yn5M3AABAaAyBQAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&_test=Yn5M3AABAaAyBQAj
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab58047df1922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1652444381.854840,VS0,VE0
x-served-by
cache-hhn4077-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yn5M3AABAaAyBQAj&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&_test=Yn5M3AABAaAyBQAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=a8ab627e-4cdc-4f00-85b2-18f53456a350&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb83...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a8ab627e-4cdc-4f00-85b2-18f53456a350&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab5803dd04922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 13 May 2022 12:19:40 GMT
Server
MT3 4390 fb8620d master cdg-pixel-x33 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=a8ab627e-4cdc-4f00-85b2-18f53456a350&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 13 May 2022 12:19:39 GMT
usermatch.gif
beacon.krxd.net/ Frame 07BC
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f7474...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
54.76.64.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
cache-control
private, no-cache, no-store
x-request-time
D=43 t=1652444380
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
date
Fri, 13 May 2022 12:19:40 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 07BC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=836b7b7b-9d12-4c6b-4748-255e9ea63be0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-474...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=836b7b7b-9d12-4c6b-4748-255e9ea63be0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-474...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=836b7b7b-9d12-4c6b-4748-255e9ea63be0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
54.239.38.253 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
20GNFQ7534ARC0SA3TNY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FZ6C70YNCBFJPCM8ZXBY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=836b7b7b-9d12-4c6b-4748-255e9ea63be0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 07BC 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=836b7b7b-9d12-4c6b-4748-255e9ea63be0&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 07BC
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D836...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
70ab5804ee8f922b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
date
Fri, 13 May 2022 12:19:40 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 07BC 		557 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03bbd544dea2afe2ed24d94e8843e8dcef3ea967bb0cd1089e47fc9549f6c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray
70ab580138f6922b-FRA
date
Fri, 13 May 2022 12:19:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
pixel
cm.g.doubleclick.net/ Frame A167 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A167
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yn5M3Fg.Io9hwiQbBrPeEQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKpSjOJDUUX-a3BXJdp8r-A&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKpSjOJDUUX-a3BXJdp8r-A&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 13 May 2022 12:19:40 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKpSjOJDUUX-a3BXJdp8r-A&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A167
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CR9DPC0CSG6PX7B7CBV5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RHEM295AXHYCRXGWX0T9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A167 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A167
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 13 May 2022 12:19:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Fri, 13 May 2022 12:19:40 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
noop
px.owneriq.net/ Frame A167
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7057307801093539856&uid=Q7057307801093539856&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
HTTP/1.1
Server
23.75.246.168 -, , ASN (),
Reverse DNS
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 13 May 2022 12:19:40 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A167 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yn5M3Fg-Io9hwiQbBrPeEQAABLsAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a361:57c8:93b7:1576 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame A167
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=418830585c7747d688a1f66a9cc75618&expiration=1655036380
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=418830585c7747d688a1f66a9cc75618&expiration=1655036380
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 13 May 2022 12:19:40 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=418830585c7747d688a1f66a9cc75618&expiration=1655036380
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams02.e-planning.net/ Frame A167 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=c9c49971c03e33da&uid=Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc9c49971c03e33da%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 12:19:40 GMT
server
openresty
content-type
image/gif
cmp
spl.zeotap.com/ Frame 07BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
70ab58016935922b-FRA
date
Fri, 13 May 2022 12:19:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
csync
sync.spotim.market/ Frame 3B2F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=6163704074361520115
0
386 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=6163704074361520115
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Fri, 13 May 2022 12:19:40 GMT
Etag
22283dbc7ae62247
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
7cbf86f5-0ef0-4c56-84cb-85e2bd6cf383
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 13 May 2022 12:19:40 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=6163704074361520115
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C847 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=57173
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 13 May 2022 12:19:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 14 May 2022 04:12:33 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame AA7E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 May 2022 12:19:40 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 13 May 2022 12:19:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
csync
sync.spotim.market/ Frame 443E
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Server
VertaMedia 1.0
Etag
22283dbc7ae62247
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 13 May 2022 12:19:39 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
bq3837l3p2sbp4hstfd2m75puba4apn4
csync
sync.spotim.market/ Frame 443E
Redirect Chain
  • https://b1h-apac1.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D509691%26extuid%3D__ZUID__%20
  • https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Server
VertaMedia 1.0
Etag
22283dbc7ae62247
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.spotim.market/csync?t=a&ep=509691&extuid=&gdpr=0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
96
Expires
Thu, 01 Dec 1994 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 443E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Server
VertaMedia 1.0
Etag
22283dbc7ae62247
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yn5M3Fg.Io9hwiQbBrPeEQAA%261211
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Fri, 13 May 2022 12:19:40 GMT
csync
sync.adtelligent.com/ Frame 443E 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Server
VertaMedia 1.0
Etag
22283dbc7ae62247
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame AA7E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 May 2022 20:46:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23104
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9496
Expires
Fri, 13 May 2022 18:44:44 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 2EEC 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 20:22:43 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
57418
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
Ix5-IF72SIoqQUxV4wAHZuAeLrfjEnIE5q85ffwEEbovfm2JdPnT0w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 5A2C 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 13 May 2022 12:19:40 GMT
etag
W/"601b131c-27c"
expires
Wed, 12 May 2027 12:19:40 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame 9C8D 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AH7SiRDaFiGQFDtR
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 -, , ASN (),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Fri, 13 May 2022 12:19:40 GMT
Etag
d9c7211f4e0613ca
Server
VertaMedia 1.0
GS.d
js.cookieless-data.com/ Frame 5A2C 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1652444380764
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.82 -, , ASN (),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 12:19:40 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A7C7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=L34EPSJB-11-4AUY
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
ptrack
a.audrte.com/ Frame 2EEC 		368 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.215.131&p=M1353665098&artime=2022-05-13T12:19:40.987Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dGVsZWdyYWZpLmNvbS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.179.244 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
28e07a97e2ac0b53b47f6940b34eb6dcf6dfa389ddf0e3d56ff2b6e4a4e53ea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:41 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
sync.php
pixel.rubiconproject.com/exchange/ Frame AA7E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&khaos=L34EPSJB-11-4AUY
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
match
ps.eyeota.net/ Frame 2EEC
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=287918371402942664
  • https://ps.eyeota.net/match?bid=kh51m51&uid=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.120.214.218 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:41 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Fri, 13 May 2022 12:19:41 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 2EEC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent=&google_gid=CAESEKkh0TfT9Cl8J76BTIKjEqI&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
35.169.179.244 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 13 May 2022 12:19:41 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 2EEC 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=a17ee8QYzjVTnuf-sumTqwNkw&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 12:19:41 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
SPug
simage4.pubmatic.com/AdServer/ Frame 10B3 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| globalAmlAds object| dataLayer object| bp object| playerSlots string| playerCdn string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| _classCallCheck function| _defineProperties function| _createClass function| Sticky function| Zuck function| ZuckitaDaGalera function| ZuckJS function| close_video_ad function| avideo function| putReklamatBack function| injectfokus function| closestForFokus function| volumeControlFN function| nativeClick function| hasExternalLink function| deleteVideoPopup function| processNative function| processFokus boolean| isMobile function| Swiper function| __tcfapi function| __uspapi object| googletag function| fbAsyncInit function| fbq function| _fbq function| ClipboardJS object| Article object| Breaking number| screen_width number| screen_height function| calculatePosition function| popup function| fbShare function| twShare function| menuShare function| viShare function| messengerShare function| linkCopy function| videoSwiper function| storySwiper function| initSwiper function| swiperInit function| changeGalleryImage function| initGalleryImage number| fokus_offset number| offsetBy function| string_to_slug number| timeIndex object| shifts function| timestamp function| stickyAd object| stickyContainer undefined| sticky function| _calculateScrollbarWidth object| Menu object| ModuleTrending object| MostRead function| decodeHtmlEntity object| Related object| SocialCount object| Stories object| Tabs object| Trending object| ZgjedhjetKomunale function| empty function| htmlspecialchars_decode number| l_left number| t_top function| triggerPopup function| getQueryStringParameter function| updateQueryStringParameter function| getCookie function| subscribeSubmit object| wp object| excludeIds object| _taboola function| webpushr object| admixTMLoad object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad function| postscribe object| google_tag_manager_external object| google_tag_manager object| TWAGORAINARTICLE function| playerPro object| ggeac object| google_tag_data object| google_js_reporting_queue string| reqCountry object| condLabels object| lmonebidAdUnits object| lmonebid object| requestManager function| biddersBack number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits object| pbjs function| requestHeaderBids function| initAdserver object| domHelper function| triggerIframeLoad function| triggerPixel function| lmonebidChunk object| _lmonebidGlobals object| ADAGIO function| pbjsChunk object| _pbjsGlobals object| Criteo object| hb_dmx_res object| gaplugins object| gaGlobal object| gaData object| FB object| gjdmpInitializer object| gjdmp object| bisko object| criteo_pubtag object| criteo_pubtag_123 object| Criteo_123 object| jQuery1110020491918482017346 function| loading object| _qevents object| __tagmanjsonp__ function| onYouTubeIframeAPIReady object| admixTM object| heatmap function| _webpushrExecuteHooks function| _webpushrSetCookie function| _webpushrGetCookie function| _webpushrBrowserSupport function| _wp_registerServiceWorker function| _webpushrCheckPermission function| _webpushrGetPrompt function| _webpushrNotificationPermission function| _webpushrGetPromptDisplayTime function| _webpushrShowNotificationCenter function| _webpushrShowPrompt function| _webpushrShowCustomPrompt function| _webpushrShowSubscriptionBell function| _webpushrRenderCard function| _webpushrShowCard function| _webpushrNotificationTimeToLocal function| _webpushrPermissionResetInstructions function| _webpushrPromptAction function| _webpushrToggleEditNotificationPopup function| _webpushrTrunNotification function| _wpCheckSubscription function| _webpushrRequestPermission function| _webpushrSubscribeNow function| _wp_urlBase64ToUint8Array function| _webpushrSendSubscriptionToServer function| _webpushrPromptImpressions function| _webpushrNotificationCardLogs function| _webpushrSessionLogs function| _webpushrDisplayPrompt function| _webpushrCustomPromptEvents function| _webpushrBindBellEvent function| popup_notification_clicked function| _webpushrShowSubscriberCount function| webpushr_display_button function| webpushr_display_toggle_button string| applicationServerKey object| _wp_prompt_info object| q object| WebPushr object| d1 boolean| _wp_is_safari boolean| _wp_debug object| publicMethods function| checkRemotePermission string| today function| iFrameResize object| ProjectAgora number| max_priority string| type boolean| validURL undefined| google_measure_js_timing object| webVitals object| regeneratorRuntime function| __tcfapiui function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| google_optimize object| sas object| apntag object| _ADAGIO object| criteo_syncframe_state object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| HTML5Player function| BPlayer function| BPlayerUI object| data object| DMVAST function| AdPlayerPro object| default_ContributorIabCcpaWebSignalJs function| __djmt020195__ object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| prompt_wrapper object| elePromptLogo object| eleApproveBtn object| eleDenyBtn object| eleCookieInfo object| eleCookieGoback object| eleClickinfoCookie object| eleCookieinfoData object| eleBellPopup object| webpushrUnknownBtn object| webpushrOffBtn object| webpushrOnBtn object| Criteo_prebid_117 function| arrive function| unbindArrive function| leave function| unbindLeave

64 Cookies

Domain/Path Name / Value
telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime Name:
Value: store.test
telegrafi.com/ Name: uid
Value: M1NW9GJ+TNdyJiYTt1TSAg==
.ads.futureads.io/ Name: am-uid
Value: c30b53a50ce44d13950e8c059ea8d199
.telegrafi.com/ Name: _gid
Value: GA1.2.2072127264.1652444376
.telegrafi.com/ Name: _ga_GGFDBX585G
Value: GS1.1.1652444375.1.0.1652444375.0
.telegrafi.com/ Name: _ga
Value: GA1.1.1338537763.1652444376
.admixer.net/ Name: am-uid
Value: 199f9a1d779a42bf84187fb2e886dc87
.rubiconproject.com/ Name: khaos
Value: L34EPSJB-11-4AUY
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3lVQNaN6NF68zzH/SUMvpGs1wMD2ZZQDJU9xyqbwjHy2eaavjpzozrCVLDh2Y1O0NymPvo8pleP9oy+mh9GtMOAFMci+Bwpm4=
.telegrafi.com/ Name: _gat
Value: 1
.telegrafi.com/ Name: _fbp
Value: fb.1.1652444375929.1141986755
.gjirafa.com/ Name: __gjci
Value: 66428452398045d1bbe317096cfb0e47
.adnxs.com/ Name: icu
Value: ChgI4pN6EAoYASABKAEw15n5kwY4AUABSAEQ15n5kwYYAA..
.adnxs.com/ Name: uuid2
Value: 6163704074361520115
.gjirafa.com/ Name: __gjbi
Value: 11195b4a8d9445669bd5c9c708e3e804
bisko.gjirafa.com/ Name: __session
Value: a5d1828356ae48eca91c59201a0dbfb0
.openx.net/ Name: i
Value: 74111538-d0d1-46fe-baa9-9f057ace565f|1652444379
a-prebid.vidoomy.com/ Name: SSCookie
Value: 1
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IlVOIjp7InVpZCI6Ik9QVE9VVCIsImV4cGlyZXMiOjE2NTUwMzYzNzl9fX0=
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2MTYzNzA0MDc0MzYxNTIwMTE1IiwiZXhwaXJlcyI6IjIwMjItMDUtMjdUMTI6MTk6MzkuNjY3NDU2MTQ3WiJ9LCJvcGVueCI6eyJ1aWQiOiI5ZTYzYTVhZS1jMGM5LTRhZTAtOGJmMy05N2Y4OWZiMmE3MmYiLCJleHBpcmVzIjoiMjAyMi0wNS0yN1QxMjoxOTozOS43MjU0NDc0MzlaIn19LCJiZGF5IjoiMjAyMi0wNS0xM1QxMjoxOTozOS42Njc0NTMxNVoifQ==
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GU't?Ga7!]tbP6j2F-.aE@%O4WYq=0QItdWjVYlgcsE7SQ-vdW]QJ6VNx3jbh.Q7S$I?6H(3(gg*-T/X+GY1Qw26ajd`V
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJiODg0N2Q3NWVjN2E0OTg4NjJjYTBjZTYyMDdmNmNjYiIsImV4cGlyZXMiOiIyMDIyLTA4LTExVDEyOjE5OjM5WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA1LTEzVDEyOjE5OjM5WiJ9
.bidswitch.net/ Name: tuuid
Value: bf245678-717c-4a8e-8093-d41df478d7b7
.bidswitch.net/ Name: c
Value: 1652444379
.bidswitch.net/ Name: tuuid_lu
Value: 1652444379
.360yield.com/ Name: tuuid
Value: 7840b23c-8877-4e1d-982e-70956be86422
.360yield.com/ Name: tuuid_lu
Value: 1652444379
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMID
Value: Yn5M3Fg.Io9hwiQbBrPeEQAA
.casalemedia.com/ Name: CMPS
Value: 3192
.casalemedia.com/ Name: CMPRO
Value: 1211
.casalemedia.com/ Name: CMST
Value: Yn5M3GJ+TNwA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C7C4D2CB-B1AA-4EF2-BE85-015C1F63885A
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158810:2
.pubmatic.com/ Name: DPSync3
Value: 1653609600%3A201_197_219%7C1652486400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1653696000%3A35%7C1653609600%3A21_54_8_220_13_7_161_56_3
ads.us.e-planning.net/ Name: CT
Value: 1
.spotxchange.com/ Name: audience
Value: f669bec8-d2b6-11ec-a4c8-1e3504c40206
.quantserve.com/ Name: d
Value: EPYBCwGQJvijAA
.quantserve.com/ Name: mc
Value: 627e4cdc-2fe41-cf34f-d6ae7
.e-planning.net/ Name: E
Value: AH7SiRDaFiGQFDtR
.yahoo.com/ Name: A3
Value: d=AQABBNxMfmICEHlkqGEgPjO4UVjymhrnP7oFEgEBAQGef2KIYgAAAAAA_eMAAA&S=AQAAAseCbCgwZxfx91drx7Lc4yg
.analytics.yahoo.com/ Name: IDSYNC
Value: 198a~24v0
.simpli.fi/ Name: suid
Value: 9E7DAA94768F47D4926C9E54D583BFF1
.onaudience.com/ Name: cookie
Value: 2b0c4e2e092b0158
.onaudience.com/ Name: done_redirects161
Value: 1
.de17a.com/ Name: guid2
Value: 1.1982633210603718650
.smilewanted.com/ Name: sw_user_params_infos
Value: kpodKtVAuW8JwsoCLrLtpNz4k6ORzfIVKiFQZxVyxFYz%2FV7qzcgubLaGQEisoogKQZyzR2yeTkOwQ75zWs7RPVaOkBQ%2FStIqAWLKNASoyUl9gF85OsU0U9NR05CzpEGbcXnQxJcGRd1%2BTNitPW%2BjyjHt1ObVTfBvzkRmTLTRkHzJV7HbyGEIamWUb7%2FHQFt32QFkPQhpoiHqM%2BofZTWTLiRnOrbB6g78rIc%2BiTjruzPZc5pDfqYMVxWrEFHzeb%2FCVtKEiV84G6lT3G7AqcFxc%2F1L0o%2FEA0%2BaOMQ8Ysr8GzreV%2FNgGgHeErARgoUU%2Bu2SiMwkGFi9K1aGZxbTQ4WMrOxeXDO2hp3PlkKWksfLzQWcFAiGZnz8kcU0Sv44Q819MbrI5Pv963%2BmEVN%2FzuG246LhstUtugmpZlgeds0740NyLZrF7wm0c4m3st5dVq05
.adform.net/ Name: C
Value: 1
.zeotap.com/ Name: zc
Value: 836b7b7b-9d12-4c6b-4748-255e9ea63be0
.zeotap.com/ Name: zsc
Value: g%F7%91%29%7Dj%84%CE%F5%D7%88i%B3S%8F%00%EC%3D%EF%D0%03%A1g%26E%1E%A6%A4fd3%B3%E2%0F%83%17w%9E%B5%9C%06%5CF%5C%3D%C3%7B%2FY%AC%B0%22%3E%F8%05%A9%A9V%03%BB%8E%0E%21o%15sa%3C%26%80%5B%80%B4%B76R%26%EF%84%CC%97%D0%12%7CM9%FB%7B.2D%C5%1F%F7%F2%1C%21qA+%92%A7%18b%3D6%8F%C7%BE%93Y%8B%93%E4%E2Z%A7tA%0E%C5J1%C3o%F2l%D5%D5%14fD%F2%D3%A22%3C%19%DD%FC%91%AB%CA%22%E1%D73%81p%F7-T%80%26%D0W%A5%1E%A6%9E%5E%91%E6hS%93%83%D3
.doubleclick.net/ Name: IDE
Value: AHWqTUnx1z7lMsAvi1_eOnrwW6FB3ROISgImoyj5Jl3UMe3n4TPN0t-7FEOit6loicE
.adform.net/ Name: uid
Value: 287918371402942664
.richaudience.com/ Name: avcid-zeo-uid
Value: 836b7b7b-9d12-4c6b-4748-255e9ea63be0
.tapad.com/ Name: TapAd_TS
Value: 1652444380403
.tapad.com/ Name: TapAd_DID
Value: b2c3e51f-1ec6-4deb-8394-2050858db466
.adfarm1.adition.com/ Name: UserID1
Value: 7097194570572429457
.casalemedia.com/ Name: CMRUM3
Value: 49627e4cdc05a0&27627e4cdc0b40&e6627e4cdc2760&1f627e4cdc05a00&2d627e4cdc05a0&6d627e4cdc05a0&0d627e4cdc05a0&f1627e4cdc05a0
.ctnsnet.com/ Name: cid_418830585c7747d688a1f66a9cc75618
Value: 1
.exelator.com/ Name: EE
Value: "5af9c02020ca98b5a09e0bafbbb87d7b"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE0Mc0y2cAICJMTLS2STBMNLFMNkhLTkpKSLMxTzJMWl6UWLVhaWpyaknRoSUVOSU7T6rL4UMd4N0dfT5%252FIBSvAnDDXoAVL8osy0xcFhS4uSkljXFRSfCr4QNw6AHqWKDM%253D"
.owneriq.net/ Name: si
Value: Q7057307801093539856
.owneriq.net/ Name: p2
Value: cc

5 Console Messages

Source Level URL
Text
network error URL: https://telegrafi.com/pyper-vjen-kampanjen-te-re-per-hulumtime/&data=05
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=836b7b7b-9d12-4c6b-4748-255e9ea63be0&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=836b7b7b-9d12-4c6b-4748-255e9ea63be0&reqId=a34eb838-85c6-48fc-660a-756f74745b03&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-prebid.vidoomy.com
a.audrte.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.futureads.io
ads.pubmatic.com
ads.us.e-planning.net
adx.adform.net
adxbid.info
aghtag.tech
analytics.webpushr.com
ap.lijit.com
audit-tcfv2.quantcast.mgr.consensu.org
b1h-apac1.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
biddr.brealtime.com
bisko.gjirafa.com
bn01.er.bemail.it
bot.webpushr.com
brightcombid.marphezis.com
btlr.sharethrough.com
c1.adform.net
cdn.admixer.net
cdn.connectad.io
cdn.webpushr.com
central.gjirafa.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
csync.loopme.me
csync.smilewanted.com
d.vidoomy.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu6.heatmap.it
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
gjstatic.blob.core.windows.net
hb-api.omnitagjs.com
hb.emxdgt.com
i.e-planning.net
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loada.exelator.com
loadeu.exelator.com
match.adsrvr.org
mp.4dex.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
pahtuo.tech
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
ps.eyeota.net
px.ads.linkedin.com
px.owneriq.net
quantcast.mgr.consensu.org
rtb.openx.net
rules.quantcount.com
s.adtelligent.com
s.amazon-adsystem.com
s.e-planning.net
s1.v-player.net
s333.adxpremium.services
script.4dex.io
scripts.futureads.io
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
serving.stat-rock.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
telegra.fi
telegrafi.com
test.quantcast.mgr.consensu.org
token.rubiconproject.com
trc.taboola.com
u-ams02.e-planning.net
u.heatmap.it
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
simage4.pubmatic.com
104.111.215.191
104.17.120.107
104.22.69.131
104.36.113.107
104.36.113.24
104.92.74.8
138.68.235.115
142.250.184.226
146.0.227.106
146.0.227.109
149.202.74.47
151.1.205.165
151.101.2.49
152.228.222.122
162.55.236.225
169.50.137.184
172.67.71.111
176.34.72.130
178.250.0.163
178.250.0.165
18.156.0.31
18.196.121.26
18.66.97.109
185.15.245.80
185.183.112.148
185.184.8.90
185.255.84.150
185.33.221.87
185.64.190.80
185.86.137.131
185.94.180.125
198.47.127.19
199.101.135.227
2.18.233.201
205.234.175.175
209.205.197.154
212.82.100.182
213.155.156.164
213.19.147.44
216.52.2.19
216.58.212.162
23.108.101.160
23.227.139.243
23.35.236.201
23.35.236.247
23.75.240.210
23.75.246.168
23.88.75.187
2600:1f16:e61:3f01:46b:43f6:5ec6:edd4
2600:9000:223e:2600:6:44e3:f8c0:93a1
2600:9000:225e:6200:3:a4cd:8380:93a1
2600:9000:236e:8000:9:46dc:4700:93a1
2602:803:c004:200::141
2606:4700:10::6816:1957
2606:4700:10::ac43:8ae
2606:4700:20::681a:9a9
2606:4700:3030::6815:1b4
2606:4700:3030::ac43:c0ad
2606:4700:3031::ac43:a8b4
2606:4700::6810:7eaf
2606:4700::6812:372
2606:4700:e2::ac40:8015
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:803::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9d
2a02:2638:1::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:600::300
2a05:d018:24:b001:736:16ab:a44d:3496
2a05:d018:d29:3601:a361:57c8:93b7:1576
2a06:98c1:3120::a
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.120.214.218
3.121.92.52
3.222.163.155
3.33.220.150
3.67.18.163
31.28.167.114
34.111.131.239
34.255.242.195
35.157.1.22
35.169.179.244
35.178.150.13
35.186.193.173
35.227.248.159
35.227.252.103
35.244.174.68
37.157.4.41
37.157.5.142
44.196.45.105
46.101.145.111
46.105.202.39
46.249.52.248
5.178.65.246
5.178.65.252
51.158.28.82
51.210.112.236
51.75.86.98
52.239.139.164
52.30.140.199
52.46.130.91
52.49.221.107
52.58.67.200
54.239.38.253
54.76.64.233
54.78.254.47
64.225.42.52
66.155.71.149
69.173.144.138
69.173.144.165
74.121.143.240
81.17.55.161
85.114.159.93
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7
0274be65e836d01596bcb9487fbfaa5b980bdb4fadaa9cfd18ad085b5ac66436
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
044316373e018c29ee8a1138fdaac42494514f8f7da4e89da024de6d568a50f9
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0957311c8318f0d2498805c7bccc65cd0c86c643e12ed83031452e5f91152e4a
0a12056d412365695a1ae79cdfb08869b7071e7d871a1a2e46eac7a73d2c859c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ddb33c5357ea6bffbb48ef3e384b9a3011a7c09e81cac8e58909b190a42fdf4
0dff9e76c45db869dc68405f4bae8bd582e54a00444b664862f2af7bfdc21040
0e0273ac06621779c95352aeb27995d1f226551806e3c8303e6f224e5876c1b2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11364d0061c53e3b2f6c0ce2fa70d7961f0d06fe5939d3aadb4e8467fac1a980
11c394fe3a9ca0ddd99fc11e649c1bbf7870ff6fcb801e7820aad36de044ecee
13835382721bd17f6246fdd403c22aa56b6daadc3874659c8becd66229001fc2
1492d3aebb2d7d514c599f66827eacf825874188d1ca486b4e3a03a4031db163
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
14eec7295e73242aff774c5b71962ecf640f4bcda0ce68df52a283c8e970613f
16d6cdb80b178772bf074bb5dea01be73e9361f003adad266469e3de4b9ba641
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1967ee62b22b15de74f52adf8fb169a9f97ed136c730bcc4310f46fd8acf1dbb
197b21250aa1eac1f97d48d36af417123c7ee68bb85453f6822745ff8d061011
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88
1e1effe737d43eef2c03ded33783f5bab1a70585ab0885fb3c82ec827bd6ba46
1f16a2f34ecbf56fbf6139360f8cd57f6138c7948e6efa5db9300b96c8db7051
1fb5577c6224b8f05cba98a5fccc6c3465e1aad6746196aa65795f67313dd1ab
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
231af8336a1003af19d28ef34c03f756eebe7092c311d1d70cdead0f4d684f4f
23215c2c28bbe8e3ea1982d6dddbe2580fd33e82d2c98f2e202b370a46cb0d91
24b5460600cc9a53b3815e2aa07e72c6453cee4b38da4358106f581d224afe00
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2
28e07a97e2ac0b53b47f6940b34eb6dcf6dfa389ddf0e3d56ff2b6e4a4e53ea3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ad3e1ebf36f4d5375c097486e514befc0294cf035eb492965b32a3274e6fed0
2daae0c04eed05f051bccd667c1defc815d84ebd5474f897300d84fbf71b4104
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3223ec1e3d2d068cfc311ef86a848b42be83370d6f2d24fbf8b4406d77664ff3
357b527cc71319c63e2c0765caf0b109980d8d1de6eafe199a32d165d5095b33
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3993c1b94d20a3a33396c103e42205b1c539994777cf512c07636cf7cc4944d0
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
39db8f017da79268762a8e797bd21e27f940f54780bb7481866c391e5bfad514
39e3b7a575958736f4307accdfc7243a4aac7f0342bd12bb0743e7a0932546df
3d22aa3a1f099b6aeedd26460b98e018577711448d2a9444b64ea7e9db537734
3d3ac56ea7009181cb686ac18512efc3c94e6509c3920cea8e768c12fcfda6d1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f47780ac6a0cd5da2d08e3d14d6c5fd05cb359a527f056bdf3a627dd814bfb7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41854f41fe85020edc0377130d956283c0c533e9996e3a7e3aa7e909f93dc954
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45667f6d965028a616f817d5d70dd92913973a3a312061c381bb24e122e44e45
489cb0c1f1d053a406c57039514f6364006a02ee604b15d0693111ac986f2b42
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2ef2d592f177d6008f995b944cda8c3111800e828e3aedb3919d22ce2e4755
4d3c2716fb807011f9b2da62eccb916cb685d127d731c19b72e91d1116b18b71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6b0d422bfde0bcc6d7b4937b8d23b99619ad8f58490d146d51991c54094739
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a21de8e50cb5fec4d27925459bcefa46d0dfd9be177eaaa765fa1ec9c9c649
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59301f0b61dfd75c0e86f82e6e2c5c6006be7b9ffe0b96c44dbad2f59aa6ed15
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
603a2b6205b1fe814564ceca9ea5bf433c71bdc60ffe1e2275a0f94d9bec03ae
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6463627134cc4c1d4a2a6074dbc030929369ce6c318ada0e3f246f3b6f806828
66078495f7cb24e6c59bc1a4e8e1ba63800dd8b7669a1b9201de1194d201aa9b
66c585b20a808a86544de8a30986d414790a235565c0f258a6906e8ab95a1ea3
6afb93bcc848a56418d301ad7bfa8d46dd988771d0c1f926b1674e9205c51663
6b3918390779771c36fd7aae686ce75b927606f0c15c2e51079ca710aa5231a5
6c9fe71e05e63690230d5fc96364a60e2ca70c51d1c957dfc44a9bb66c877f23
72720755f75baede2cb757a8111daff30a7c322428eed7a24b37d84fbec67993
7589dcfe629156349bb731aaf52b53fb39abd1660d75839519471634b15364c1
759a7832652307a3887378304f8ef16b8a9390e48172cbcfba5b2e7a23923778
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
781e67ecb2f9e56a60b2e356544fddea7f6b4bcb9b63fa3d19675112b0081826
7844cfb29c5da5aaf907a24611ae207eeee959eadeb087ce5d01713a4267cd2a
788d2bce01811b17f349262926dbf9b75909181eae495f36c6749c9029b5348b
7aeab092d4d2a48725bb8c1138d2c14674d8d555c33524057e851c1e36162d8f
7bc4eff8a3e4083678781ca226df4d259884a2aae900e877353260b824f17efb
7c3da7b90955f346ed6e01f14bdbd16bbe8c7a2df5061a3c3daa1f4021ae7931
7d7962210b6e797e08c011395cf88eeff6c058253b4242b8c5256869f778597e
81f689f91e61b156cdb6b77ec60f64c4690ba5e9fa52d6b58cec792da5f75840
821b0736c0dc4bdbfcb33247fd879a1a50b016418d6be525157cfb01511d3369
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8394833233d97e66fb53de49fcbe14f810c2ef0c96171b9bcc391a0a85ffc8ef
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2d93d95a887c7049a48767ba91fb4d54802b9eb632fed06116967e5fa116fa
8f64c8732b4c435c2c21b7cb30bc501270fec3a52ba16cf61b48ddb30405727c
900f6778aee1fdf76ae86b61d6c96930e5f7a734d0ccbe783532d1d7ed990da6
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90e4721a535dede6c81a4adca4fa0719ff1d9da417472d10d295912f243f7333
930c519c321d929e86546aef6ec64ca7d09048e60734c63c6c64b2968e987e74
934d35d5422b86b726784254cba34432d58cb349c34b3ec4ea01dd7f66cb9ce5
95741c9304c69da2e0b4b8c1a6f5eef4b48a327ae3af455c995cd89e5615d774
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2
9a01cf7070ca19a8f1c9c0539792449682d92dd5e57cf56609bf706364355f23
9b213099bc3df80501634f76b0c9e5f54935ef942bb0e49dc1e883b2c9c93911
9ba40420a8e6bab2ae6a4028bde206adaf4031a374f1d4fe7f5a9a9d4a093304
9ba4a1cbc55c065d56c6d29e697e81266caae4f2c075fa36a40f09035cc6c845
9ca861e8f5cfbccc42174e6a7d19d4e3f60045864d7ffef38c0c9c53e3e26720
a03bbd544dea2afe2ed24d94e8843e8dcef3ea967bb0cd1089e47fc9549f6c92
a12091ef6879b13e67a80567a6c99dc1b5b095d21c9a102c43a0b6d5c003220d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a24eaa87d394e82bf4c46c8fce9d490c95367a1c7366562b1c153dd5593e2531
a413599926d697f1b97c79da6ad1d10047aa3b4b81c78bae0799fe23f26f468d
a4bb75eb125780a4e9bcd5692ca29937d097f0457576f02959285de938b0272c
a54bf38cbd1e24686b4d06e6eef66bdabe95db066455b22dfcf30a94d52fb9d0
ab8292395d61b7c0246ffb47931010f2bb4efb96859965fa85b0b39ce8ca023c
acc070ea56e5a867d7740942fabbcef49bef8bf5185385887036d1a5222aa1d8
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae4086159cc7d5a2bf887fa1e511ad3288d7dfa48b5168e7c114c36987b1d365
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3e87eca9a0439a9f9dfea8d59eae52eb0cb035775aebcc262eb8a4f2bf54bc
af522b79dcd32d94a0fde8c26ab49914ba03786017894dc77aca36cb795d4892
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ab87dead82405e7357f7c03ced2b4d5d3cb991e3fc59587c22486519ad1483
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b526fbfc0c0585f25d5924e9ccd508f62189311e0e06da74f06d8ae6d2537fc5
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b766a9a157a6676c52ce841eccc4f3f7cf70532870a8c9db743733e8337e35a8
c1b291fb3b194e6a11d556efd4a948477ffd8fdff42c8a5557a165e1de8b1bb1
c1dcafbe9407c301261985c3dfb80d73966d57e2bb5d67de978222cb8765e17d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c261e30a476d56f895b5a24412062f8d8a69ecf4b296d2428f4621901c4d42cf
c2dd8b3b3a2001264f48efa51e26f53231ab56db54422dbed36942bdd1b6fcd0
c4a5216e276c2215dd38ed12219c86f3c67b16954ce310f64021884b335695c1
c5ad53ef170d230e44b148281a568d5e9a1922d5ff66b4af358eb56299e68e35
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cb190163a0d4795999f1905b65b3d026f9308acdffce1cbeabbb96dc26c4816c
cbd1b59ba1103c54edda8130f5e199e2eb1cf77f9a308235365be19637b51a89
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d152205efd8c5bfc0f52782e3c2d10fc8226fa26f3c6319642fdd8fe2b46e094
d307deaa4953ef632d0ccaf98f4a73a6876e6eeb563c55c9749ef3991aff792b
d87fa102ae7215ece711604ab2495ad619b14678482f6d3466ffc8ab7c96369e
d9a6c49e5aec0178d68762a6a1be2154f25a5b16fb21aa7250dfe1aace6f4899
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c6b74aab138b30b1e7e29cc1377c646142dd133db41771266f8c6466e380f3
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed04e0ba2f0fb918392438922e3ba8cbf9704eedeb0a709bf79d9f25f80ac525
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0568e02c27cc010bb576b17ef309c9c6cfba9a70a1cf6788e4cc453d5b1681a
f5d7077a30dfc7c91cff8cdb8af3b8db14ac790cf886d6127c2b4f63648cfa3f
f60dbb3a246c0b3fb279be051340af0df8f14b44cb7394eaa4268c3e7fc9ade2
f6a64301a3bb604a917ef4002e9df84ce459d8c6eb9bc11a1fad5ac665a060a8
f72c16ecf6e8deba68539911cd639b96ea0a92a44fee56d3965e93242181a56f
f9e146cf548483ff23de03f7df499088925b151a115865bf5eaeb976e4e44d4a
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdf531a5bf5f88c33ba1aadd0f95a1b65de88fdee6f3957396abf9d561c085f3
fe6caf5b135fb565f8850fb6cdbcffb44ec53a29a8f71af6660d251b48cd4a08
fe7156d8e7be5cbb3506804b16a96f73591ced0d621a6b5f34ca88119d191b8c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995