URL: https://za.railfacts.com/
Submission: On January 27 via api from US — Scanned from US

Summary

This website contacted 39 IPs in 5 countries across 27 domains to perform 110 HTTP transactions. The main IP is 2606:4700:3030::6815:5bb1, located in United States and belongs to CLOUDFLARENET, US. The main domain is za.railfacts.com.
TLS certificate: Issued by E1 on January 18th 2024. Valid for: 3 months.
This is the only time za.railfacts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
13 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
14 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 108.157.151.146 16509 (AMAZON-02)
1 5 195.177.216.95 50599 (Autonomou...)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 149.202.152.44 16276 (OVH)
6 2607:f8b0:400... 15169 (GOOGLE)
2 4 37.157.4.28 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 108.138.106.70 16509 (AMAZON-02)
4 91.227.202.129 31242 (TKPSA-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
7 109.123.210.81 15685 (CASABLANC...)
1 2a04:4e42::649 54113 (FASTLY)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
4 217.182.102.223 16276 (OVH)
1 145.239.237.56 16276 (OVH)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.110.154.184 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 85.239.227.28 15685 (CASABLANC...)
1 109.123.221.198 15685 (CASABLANC...)
1 57.128.96.202 ()
110 39
Apex Domain
Subdomains
Transfer
14 rp.pl
statics.rp.pl — Cisco Umbrella Rank: 385168
cdn.rp.pl — Cisco Umbrella Rank: 441373
stats.rp.pl — Cisco Umbrella Rank: 393772
energia.rp.pl
359 KB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 364
307 KB
10 performax.cz
cdn.performax.cz — Cisco Umbrella Rank: 68703
dale.performax.cz — Cisco Umbrella Rank: 99158
chip.performax.cz — Cisco Umbrella Rank: 103151
36 KB
7 deep.bi
api.deep.bi — Cisco Umbrella Rank: 113443
22 KB
7 google.com
news.google.com — Cisco Umbrella Rank: 6054
accounts.google.com — Cisco Umbrella Rank: 23
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
167 KB
6 gstatic.com
fonts.gstatic.com
82 KB
6 onnetwork.tv
video.onnetwork.tv — Cisco Umbrella Rank: 44245
cdn.onnetwork.tv — Cisco Umbrella Rank: 41107
32 KB
6 gemius.pl
rp.hit.gemius.pl — Cisco Umbrella Rank: 386753
ls.hit.gemius.pl — Cisco Umbrella Rank: 16016
25 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
167 KB
4 salesmanago.pl
www.salesmanago.pl — Cisco Umbrella Rank: 95018
50 KB
4 adform.net
track.adform.net — Cisco Umbrella Rank: 5048
2 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9261
experiences.mrf.io — Cisco Umbrella Rank: 10063
64 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
75 KB
3 gremimedia.pl
login.gremimedia.pl — Cisco Umbrella Rank: 367892
5 KB
3 piano.io
api-esp-eu.piano.io — Cisco Umbrella Rank: 64711
15 KB
3 gremicdn.pl
i.gremicdn.pl — Cisco Umbrella Rank: 250542
472 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
69 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
177 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
69 KB
1 newsroom.bi
events.newsroom.bi
516 B
1 saleago.com
vc-service.saleago.com — Cisco Umbrella Rank: 59090
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
30 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 567
314 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 811
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 railfacts.com
za.railfacts.com
72 KB
110 27
Domain Requested by
13 cdn.cookielaw.org za.railfacts.com
cdn.cookielaw.org
7 cdn.performax.cz srcdoc
cdn.performax.cz
7 api.deep.bi za.railfacts.com
api.deep.bi
7 statics.rp.pl za.railfacts.com
6 fonts.gstatic.com fonts.googleapis.com
5 rp.hit.gemius.pl 1 redirects za.railfacts.com
rp.hit.gemius.pl
4 cdn.onnetwork.tv video.onnetwork.tv
za.railfacts.com
4 www.salesmanago.pl za.railfacts.com
www.salesmanago.pl
4 track.adform.net 2 redirects za.railfacts.com
3 login.gremimedia.pl statics.rp.pl
login.gremimedia.pl
3 api-esp-eu.piano.io za.railfacts.com
code.jquery.com
3 energia.rp.pl za.railfacts.com
static.cloudflareinsights.com
3 sdk.mrf.io za.railfacts.com
sdk.mrf.io
3 stats.rp.pl za.railfacts.com
stats.rp.pl
3 c.amazon-adsystem.com za.railfacts.com
c.amazon-adsystem.com
3 i.gremicdn.pl za.railfacts.com
3 news.google.com za.railfacts.com
news.google.com
3 securepubads.g.doubleclick.net za.railfacts.com
securepubads.g.doubleclick.net
2 dale.performax.cz cdn.performax.cz
2 www.youtube.com sdk.mrf.io
www.youtube.com
2 analytics.google.com www.googletagmanager.com
2 video.onnetwork.tv za.railfacts.com
cdn.onnetwork.tv
2 www.googletagmanager.com za.railfacts.com
www.googletagmanager.com
2 connect.facebook.net za.railfacts.com
connect.facebook.net
1 events.newsroom.bi sdk.mrf.io
1 chip.performax.cz
1 experiences.mrf.io sdk.mrf.io
1 vc-service.saleago.com www.salesmanago.pl
1 www.google.com za.railfacts.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.facebook.com za.railfacts.com
1 ls.hit.gemius.pl rp.hit.gemius.pl
1 code.jquery.com api-esp-eu.piano.io
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 static.cloudflareinsights.com za.railfacts.com
1 accounts.google.com za.railfacts.com
1 cdn.rp.pl za.railfacts.com
1 fonts.googleapis.com za.railfacts.com
1 za.railfacts.com
110 41
Subject Issuer Validity Valid
railfacts.com
E1
2024-01-18 -
2024-04-17
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.rp.pl
Certum Domain Validation CA SHA2
2023-04-25 -
2024-04-24
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
*.news.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
accounts.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
gremicdn.pl
E1
2024-01-20 -
2024-04-19
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2023-09-14 -
2024-09-25
a year crt.sh
deep.bi
E1
2024-01-03 -
2024-04-02
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-11-06 -
2024-02-04
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-28 -
2024-02-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
onnetwork.tv
R3
2024-01-06 -
2024-04-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
*.salesmanago.pl
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-07 -
2024-08-16
a year crt.sh
piano.io
Cloudflare Inc ECC CA-3
2023-03-27 -
2024-03-26
a year crt.sh
*.performax.cz
Go Daddy Secure Certificate Authority - G2
2023-03-02 -
2024-03-15
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.gremimedia.pl
Certum Domain Validation CA SHA2
2023-03-22 -
2024-03-21
a year crt.sh
*.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
www.google.com
GTS CA 1C3
2024-01-02 -
2024-03-26
3 months crt.sh
vc-service.saleago.com
GTS CA 1D4
2023-12-14 -
2024-03-13
3 months crt.sh
ssl03.cert.cl11.k8s.mrf.io
R3
2023-11-30 -
2024-02-28
3 months crt.sh

This page contains 6 frames:

Primary Page: https://za.railfacts.com/
Frame ID: 5610B3F41D0042F2378D20481282A73C
Requests: 100 HTTP requests in this frame

Frame: https://cdn.performax.cz/acc/loader.js?aab=loader
Frame ID: D7207ECC23B8F2C8DB0D4043C2D84F23
Requests: 3 HTTP requests in this frame

Frame: https://login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/3p-cookies/step1.html
Frame ID: C37AC1D92918838B67499C6506B7A58D
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 94FDF58F801FB45C7205365202A65434
Requests: 1 HTTP requests in this frame

Frame: https://login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/login-status-iframe.html
Frame ID: A500EC75D301F5CFF9CFD154A3D0C363
Requests: 2 HTTP requests in this frame

Frame: https://experiences.mrf.io/passexperience/dw-check.html?v=6
Frame ID: D85C3584CD1BC5229FD447B5120AE953
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Tauron kończy remont Jaworzna - rp.plSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

97 %
HTTPS

66 %
IPv6

27
Domains

41
Subdomains

39
IPs

5
Countries

2321 kB
Transfer

6524 kB
Size

25
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://track.adform.net/adfserve/?bn=71145661;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp] HTTP 302
  • https://track.adform.net/adfserve/?CC=1&bn=71145661;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
Request Chain 29
  • https://track.adform.net/adfserve/?bn=71145659;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp] HTTP 302
  • https://track.adform.net/adfserve/?CC=1&bn=71145659;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
Request Chain 92
  • https://rp.hit.gemius.pl/_1706389856464/rexdot.js?l=100&sendf=24&id=csrgwktZfv9Ixp1PL4mfPLRHP32y3Xr8rmoivNMBEpb.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=600&fv=-&href=https%3A%2F%2Fza.railfacts.com%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ye8l..PVtRVBeuIy.CO9DINC4DibipCCy_.B30JSqJf.w7S80fCvkcg6F4nBrrZuM_xvchmk2NvtpAJitvpoZdMuFIAf/j1wyIrNUoSzYF/&fpdata=3VbKtC5tMvavZsj2PZPjEy9qFbVynDkPFEuwgegqaen.L7&ltime=780&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65b5715f28aab500&brts=1706389856&fpcap= HTTP 301
  • https://rp.hit.gemius.pl/__/_1706389856464/rexdot.js?l=100&sendf=24&id=csrgwktZfv9Ixp1PL4mfPLRHP32y3Xr8rmoivNMBEpb.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=600&fv=-&href=https%3A%2F%2Fza.railfacts.com%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ye8l..PVtRVBeuIy.CO9DINC4DibipCCy_.B30JSqJf.w7S80fCvkcg6F4nBrrZuM_xvchmk2NvtpAJitvpoZdMuFIAf/j1wyIrNUoSzYF/&fpdata=3VbKtC5tMvavZsj2PZPjEy9qFbVynDkPFEuwgegqaen.L7&ltime=780&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65b5715f28aab500&brts=1706389856&fpcap=

110 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
za.railfacts.com/
424 KB
72 KB
Document
General
Full URL
https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a45f35b9fa5b3b0694b00f905cac70927c905dc9f119f474bbe45c1179d17be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84c3fc28ba184bc1-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 21:10:54 GMT
expires
Sat, 27 Jan 2024 21:10:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PANJJC3gd6zIl39%2F%2FnqRzx7u2EHeKwqtnNtNu%2FVg%2FYyaP16Itdn5wY0HvXdByXWa5I0na1hB5qYgGdhlj1DR9KpLVZb%2FiG3wgS4zcVBDrJ6nT4UJAlLHb3%2B2kaow5qmE3DCjxQNcZq0h9Td%2FJsL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dulN1EiikhiO8GlkrdtHlg==
age
46128
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6838
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 20:55:19 GMT
server
cloudflare
etag
0x8DC1DE7F0BAF2A8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9ff1c125-801e-000e-6504-501033000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc314d9c6aee-BUF
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f890ba0ffd7012cb3248709ec502bc061109c5c669af09e0d2d4c786b192158e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 21:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 20:29:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 21:10:54 GMT
erepuserdisdembol-webfont.woff2
statics.rp.pl/dist/fonts/
25 KB
26 KB
Font
General
Full URL
https://statics.rp.pl/dist/fonts/erepuserdisdembol-webfont.woff2?v=1
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
862b0c0bc493d16318e6043e446fb490c7240806e61db6dd934049e4a99de90b

Request headers

Referer
https://za.railfacts.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
cf-cache-status
REVALIDATED
x-cache
HIT
content-length
25724
cdn-cache-control
stale-if-error=86400, stale-while-revalidate=3600
last-modified
Tue, 16 Jan 2024 10:53:01 GMT
server
cloudflare
etag
"65a6600d-647c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=30758400
accept-ranges
bytes
cf-ray
84c3fc315a734bcc-BUF
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache-hits
155
prebid8.29.0_SA.js
cdn.rp.pl/brio-cdn/fonts/
391 KB
147 KB
Script
General
Full URL
https://cdn.rp.pl/brio-cdn/fonts/prebid8.29.0_SA.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a90c397013de8b191f065e823c36a264c452daa0f7543d9f92057dd51269207

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 29 Dec 2023 16:08:07 GMT
server
cloudflare
etag
W/"658eeee7-61afd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
cf-ray
84c3fc31cc1d4bc0-BUF
expires
Sat, 27 Jan 2024 21:10:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffaf7355cae29a1df4cbab8cde94239a38c80eb7e764d451b45ba3ef47dc3436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29372
x-xss-protection
0
server
cafe
etag
686 / 19749 / m202401230101 / config-hash: 16415232170016434785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 21:10:55 GMT
swg-gaa.js
news.google.com/swg/js/v1/
69 KB
21 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg-gaa.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ab7623617614acd5746a7e1b5d29c348558f0c95ee450a68617c398a667764d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 20:46:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1469
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21902
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:28:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 21:36:26 GMT
swg.js
news.google.com/swg/js/v1/
206 KB
60 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ee76a840bf4db62e3998c5b0e71012fb78c28b081a3c0859bb484c09afc090a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 20:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60588
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:28:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 21:17:05 GMT
client
accounts.google.com/gsi/
207 KB
80 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85df66e234e81a0f05e46be7033b62b82c087004a398369133852c2fcfa4df64
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-8DIxuZJgBONOF3HpsDVlnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-8DIxuZJgBONOF3HpsDVlnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 27 Jan 2024 21:10:55 GMT
/
i.gremicdn.pl/image/free/18ff2e3084716e16d0a665396e486d3d/
425 KB
427 KB
Image
General
Full URL
https://i.gremicdn.pl/image/free/18ff2e3084716e16d0a665396e486d3d/?t=crop:1920:1191:nowe:0:46,resize:fill:948:592,enlarge:1
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f353dc5c50b7072908b1a2b89e4d7c90121217a6162ee074abd7a66c7db00722

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 21:10:55 GMT
date
Sat, 27 Jan 2024 21:10:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-disposition
inline; filename="18ff2e3084716e16d0a665396e486d3d.jpg"
alt-svc
h3=":443"; ma=86400
cdn-cache-control
stale-if-error=31536000
x-request-id
x_7yPpMDGgcam2qfuZCTY
last-modified
Sat, 27 Jan 2024 21:10:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4BXaSlwV2D%2FvFTA%2FUdTEVNLVNa%2BMTjL%2B9PVUn7%2FvrYsn8u5RRDJ8sVuKWGyDQRuwYKy%2BPiHFm387JJRummvDs924ONhHzscYGA6a7aRBOIVemkyeg%2BnX4IJy%2BPPLuyl3a%2B1KZsrNOSRbMEc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
84c3fc324c134bbb-BUF
x-cache-hits
0
Rz_logo_big_txt.svg
statics.rp.pl/img/
89 KB
29 KB
Image
General
Full URL
https://statics.rp.pl/img/Rz_logo_big_txt.svg?aver=b44c2c9d
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a809c2a4f7a017eb7040271b04bba1309fc57b4ec8413551b35c1bbec214aed1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
HIT
content-length
29674
cdn-cache-control
stale-if-error=86400, stale-while-revalidate=3600
last-modified
Tue, 16 Jan 2024 08:58:59 GMT
server
cloudflare
etag
W/"65a64553-163e9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=30758400
accept-ranges
bytes
cf-ray
84c3fc31bc134bc0-BUF
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache-hits
1
13429b27-07e6-4ef3-a4bc-2776b6cd7a94.json
cdn.cookielaw.org/consent/13429b27-07e6-4ef3-a4bc-2776b6cd7a94/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/13429b27-07e6-4ef3-a4bc-2776b6cd7a94/13429b27-07e6-4ef3-a4bc-2776b6cd7a94.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7059fe0eedb426fa3b23e603653d639f5abe0403f2c2bef40bbdbaeae92f2156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
I3IbIaFY2iQbOYb5uHz5+g==
content-length
1645
x-ms-lease-status
unlocked
last-modified
Mon, 04 Dec 2023 10:00:53 GMT
server
cloudflare
etag
0x8DBF4AFE729E57E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
60ad1051-d01e-004e-4386-4f170b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc31e8c44bcf-BUF
expires
Sun, 28 Jan 2024 21:10:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/
283 KB
71 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.151.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-151-146.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 20:33:26 GMT
content-encoding
gzip
via
1.1 16d00d7ad10f83e40570caef730b80b2.cloudfront.net (CloudFront), 1.1 80d49a4446f5bfe8ba1faee2f764f150.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 20:58:12 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P5, MCI50-P2
age
2250
x-amz-server-side-encryption
AES256
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
vUisgjbTp3cbtl0MtkFGa1is5JrmiQqAuqVfe_BEpCtEKUzYqERJdw==
xgemius.js
rp.hit.gemius.pl/
68 KB
19 KB
Script
General
Full URL
https://rp.hit.gemius.pl/xgemius.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-195-177-216-95.dataspace.pl
Software
GHC /
Resource Hash
ed95321ed31879430a7a78b91a1701b4f96985590f4e368e00739d11a744ec28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
last-modified
Fri, 15 Dec 2023 12:14:58 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
19526
expires
Sun, 28 Jan 2024 09:10:55 GMT
init.js
api.deep.bi/v3/
67 KB
21 KB
Script
General
Full URL
https://api.deep.bi/v3/init.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196f22327d57f74877e2a049e9e0c63955d5415126691dde9a31544909458d8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://za.railfacts.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 27 Jan 2024 21:10:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GI7euSrRt%2FBLZ%2B74GGAFa5DAwnQu3VzNuj32WAtxEUiBLBQ3nUs3g0zfrTXV7OjMOI8ksQdUDHTmGw9endWpOImsUSUmk1N2vpnIxeMiRQV%2FnqT60BZuZyU6TZheOJYpLJFugQuIwr2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-if-error=3600
access-control-allow-credentials
true
cf-ray
84c3fc324a3f4bc1-BUF
fbevents.js
connect.facebook.net/en_US/
213 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 27 Jan 2024 21:10:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57158
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
qezc3pENcJxJL+EEt9YkyH9P8tH3/88a8cfO2hiZ2KjAuUu8oePuj+y3iTwjYBHSwm8gIcxnYJXP6qv/LkTbmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
matomo.js
stats.rp.pl/
64 KB
21 KB
Script
General
Full URL
https://stats.rp.pl/matomo.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 30 Jan 2023 13:22:35 GMT
server
cloudflare
cf-polished
origSize=65842
etag
W/"63d7c49b-10132"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
84c3fc32ed1a4bc0-BUF
marfeel-sdk.js
sdk.mrf.io/statics/
169 KB
47 KB
Script
General
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=2941
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773570c4a764cad142860665c95108a3007df5e6fa13c37b317c9f9de79dbbaa

Request headers

Referer
https://za.railfacts.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
7ms
date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 27 Jan 2024 21:10:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
13
accept-ranges
bytes
cf-ray
84c3fc322a614bd2-BUF
alt-svc
h3=":443"; ma=86400
content-length
47878
gtm.js
www.googletagmanager.com/
269 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T8G4THH
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
972d96ac2ae8d348a405eed483e05cdf043b9f180ee72f2e79521bcfb3a039fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89186
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jan 2024 21:10:55 GMT
content-background.jpg
statics.rp.pl/img/
17 KB
18 KB
Image
General
Full URL
https://statics.rp.pl/img/content-background.jpg?aver=b44c2c9d
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84a6d3f61f70611cc5a900c7b97cb1954f657526b81e3e9efe5b6bd701b65143

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
cf-cache-status
HIT
x-cache
HIT
content-length
17597
cdn-cache-control
stale-if-error=86400, stale-while-revalidate=3600
cf-bgj
h2pri
last-modified
Tue, 16 Jan 2024 08:58:59 GMT
server
cloudflare
etag
"65a64553-44bd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30758400
accept-ranges
bytes
cf-ray
84c3fc31bc124bc0-BUF
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache-hits
1
embed.php
video.onnetwork.tv/
3 KB
2 KB
Script
General
Full URL
https://video.onnetwork.tv/embed.php?sid=MjdZLDAsWVY%3D&iid=456
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.202.152.44 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11.eris-k.of.pl
Software
XO.webservant /
Resource Hash
09ff69974c9512ebf50fa2a9a0c8fbfb8f8624aab670208cad3f81a978147639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 27 Jan 2024 21:10:55 GMT
last-modified
Sat, 27 Jan 2024 21:10:54 GMT
server
XO.webservant
vary
Accept-Encoding
p3p
CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-type
text/javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy
fullscreen *; autoplay;
content-length
1445
expires
Sat, 27 Jan 2024 21:10:54 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce1a31c75915ad2ad39574b9a17aaedb160f0ed3875b6b93ef6675dc369b0bd0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 04:14:19 GMT
x-content-type-options
nosniff
age
320196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 04:14:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 09:33:07 GMT
x-content-type-options
nosniff
age
301068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Jan 2025 09:33:07 GMT
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4822fa2443c0317dc37db0463ae8cd5ad2ba1e6b3419763bfdbcb22c1c321bf5

Request headers

Referer
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:28:28 GMT
x-content-type-options
nosniff
age
362547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 16:28:28 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 05:50:56 GMT
x-content-type-options
nosniff
age
141599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 05:50:56 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:27:45 GMT
x-content-type-options
nosniff
age
348190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 20:27:45 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 06:12:08 GMT
x-content-type-options
nosniff
age
140327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11824
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 06:12:08 GMT
/
track.adform.net/adfserve/
Redirect Chain
  • https://track.adform.net/adfserve/?bn=71145661;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
  • https://track.adform.net/adfserve/?CC=1&bn=71145661;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
35 B
518 B
Image
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=71145661;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/adfserve/?CC=1&bn=71145661;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
/
track.adform.net/adfserve/
Redirect Chain
  • https://track.adform.net/adfserve/?bn=71145659;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
  • https://track.adform.net/adfserve/?CC=1&bn=71145659;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
35 B
518 B
Image
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=71145659;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/adfserve/?CC=1&bn=71145659;1x1inv=1;srctype=3;gdpr=${GDPR};gdpr_consent=${GDPR_CONSENT_50};ord=[timestamp]
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
email-decode.min.js
energia.rp.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
902 B
Script
General
Full URL
https://energia.rp.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Jan 2024 10:32:07 GMT
server
cloudflare
etag
W/"65b38a27-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
84c3fc324ca94bc0-BUF
expires
Mon, 29 Jan 2024 21:10:55 GMT
common-bundle.min.js
statics.rp.pl/dist/js/
210 KB
63 KB
Script
General
Full URL
https://statics.rp.pl/dist/js/common-bundle.min.js?aver=b44c2c9d
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e866ca8f8fcb939a0cfe32405e3d7b6df28954cef95e376062f5179a95bb3688

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
MISS
cdn-cache-control
stale-if-error=86400, stale-while-revalidate=3600
last-modified
Tue, 16 Jan 2024 10:53:01 GMT
server
cloudflare
etag
W/"65a6600d-346f4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30758400
cf-ray
84c3fc324ca84bc0-BUF
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache-hits
0
content.css
statics.rp.pl/dist/css/
65 KB
8 KB
Stylesheet
General
Full URL
https://statics.rp.pl/dist/css/content.css?aver=b44c2c9d
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f261a41711dff923718de67b10f4793b51f67929daf863e57fca52482959fa92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=67145
x-cache
MISS
cdn-cache-control
stale-if-error=86400, stale-while-revalidate=3600
cf-bgj
minify
last-modified
Tue, 16 Jan 2024 10:53:01 GMT
server
cloudflare
etag
W/"65a6600d-10649"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30758400
cf-ray
84c3fc324ca34bc0-BUF
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache-hits
0
content-bundle.min.js
statics.rp.pl/dist/js/
117 KB
39 KB
Script
General
Full URL
https://statics.rp.pl/dist/js/content-bundle.min.js?aver=b44c2c9d
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdae391e43d1e811915d3d0ca7115ed4291c50c56fb0e51780dcde0289288af1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
cf-cache-status
HIT
x-cache
MISS
cdn-cache-control
stale-if-error=86400, stale-while-revalidate=3600
last-modified
Tue, 16 Jan 2024 10:53:01 GMT
server
cloudflare
etag
W/"65a6600d-1d380"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30758400
cf-ray
84c3fc324ca64bc0-BUF
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache-hits
0
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://za.railfacts.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84c3fc337be64bcd-BUF
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80e4e0d9025d16fde3cc8a881627c20edc2b60a3d540e47e6503afc36a8dbb23

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a945a1fd0a832f995d9943baf887c16fd4ad46d876d38847245b2c19f5b31c8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
common.css
statics.rp.pl/dist/css/
32 KB
7 KB
Stylesheet
General
Full URL
https://statics.rp.pl/dist/css/common.css?aver=b44c2c9d
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef7ea9d47fe86517e391a33a924526f94630387fcdc2ad2a920b91320ba33b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-polished
origSize=33000
x-cache
HIT
cdn-cache-control
stale-if-error=86400, stale-while-revalidate=3600
cf-bgj
minify
last-modified
Tue, 16 Jan 2024 10:53:01 GMT
server
cloudflare
etag
W/"65a6600d-80e8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30758400
cf-ray
84c3fc32cd0e4bc0-BUF
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
x-cache-hits
1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 20:54:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
959
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138344
x-xss-protection
0
server
cafe
etag
11931332024773231753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 26 Jan 2025 20:54:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
61 B
76 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=za.railfacts.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b9dba5c66088a341bbc8b537ff0a8891a95d10cf2f3882a30d98fe06e2368ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
expires
Sat, 27 Jan 2024 21:10:55 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
69 B
314 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
84c3fc33a8c46aed-BUF
access-control-allow-headers
Content-Type
swg-button.css
news.google.com/swg/js/v1/
18 KB
5 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 20:34:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5195
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 21:24:38 GMT
b69a94f5-e84f-4bd3-9bc4-a61e43ef0565
config.aps.amazon-adsystem.com/configs/
564 B
841 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/b69a94f5-e84f-4bd3-9bc4-a61e43ef0565
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-70.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
fc9c22ea802133881e2f1917663a3412d364f91ce4dd6de5d50540cb45b6ecf9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 20:31:18 GMT
via
1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
2377
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
_55Gu1OWs0LVCUM6nRMab8u_BW5Y5YkGZL3R8trgePWpVxRmXS9UXw==
config
c.amazon-adsystem.com/cdn/prod/
0
304 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fza.railfacts.com&pubid=b69a94f5-e84f-4bd3-9bc4-a61e43ef0565
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.151.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-151-146.mci50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:54 GMT
via
1.1 80d49a4446f5bfe8ba1faee2f764f150.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MCI50-P2
x-cache
Miss from cloudfront
access-control-allow-origin
https://za.railfacts.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
_mikk6SyAJ2IDjbcZbvsOJfCCIViwfWAtbKne8nqP9PDDOueXyXOWQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.151.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-151-146.mci50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 1c45ff94bf4404a61a2e0cc7793b4218.cloudfront.net (CloudFront)
x-amz-cf-pop
MCI50-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
dLIXlxxEFZolzKhrVp7MY10IFBMpywGgZsT28NouO_TvNayfJal6RQ==
sm.js
www.salesmanago.pl/static/
127 KB
48 KB
Script
General
Full URL
https://www.salesmanago.pl/static/sm.js
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
e8ffee5e732b3bf62e91bc3cc0dfc4b937fc5c1b43977f385dba49b1f149b4ef
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Tue, 23 Jan 2024 05:17:03 GMT
server
Apache
etag
"1fb1b-60f960e86a940-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
48263
expires
Sat, 27 Jan 2024 22:10:55 GMT
sdk.js
api-esp-eu.piano.io/public/sdk/v04/
43 KB
14 KB
Script
General
Full URL
https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
119089
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 08:51:13 GMT
server
cloudflare
etag
W/"1bbec-18b18c87a69"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp-eu.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
84c3fc34795d6aed-BUF
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sun, 26 Jan 2025 21:10:55 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202311.1.0/
427 KB
103 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ad3a7c4aa97b074c4d59a438bb5813ded8ad1d8bb8cf630abb4c6ee075d54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Jal9ZuZ5o01PB+RcMoFDzw==
age
26802
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
105099
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:51 GMT
server
cloudflare
etag
0x8DC010C10DEF255
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
390b8f8c-601e-0090-780f-3303ed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc346af16aee-BUF
1591989807909190
connect.facebook.net/signals/config/
53 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1591989807909190?v=2.9.143&r=stable&domain=za.railfacts.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b68549dd75889483469cf1c37ac0f2d1673ae589e27d3f2f7d49403f5b63c13a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 27 Jan 2024 21:10:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
3GJQzIEazLE8qW/CunCHFCa2kXsS5+GhdO0SzZR4hGtegJQiqEYhqM7tKMynknr9a+rjKWYR+Q1c+AGRNwexdg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
cdn.performax.cz/acc/ Frame D720
4 KB
3 KB
Script
General
Full URL
https://cdn.performax.cz/acc/loader.js?aab=loader
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.123.210.81 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
vpbx.canistec.cz
Software
nginx /
Resource Hash
552379bfba7541e1a044efdb196d96a082c7be362b6b4696d6744eac510571b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
server
nginx
x-nginx-proxy
cdn1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600, private
access-control-allow-credentials
true
expires
Sat, 27 Jan 2024 22:10:55 GMT
js
www.googletagmanager.com/gtag/
267 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q5M7845HMR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8G4THH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21e028789ff3742c7ca6dbbd78b5b103001fe1598aabbeeacb05a430b62da1da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91614
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Jan 2024 21:10:55 GMT
pl.json
cdn.cookielaw.org/consent/13429b27-07e6-4ef3-a4bc-2776b6cd7a94/f5e78fbf-19ac-49f8-aa86-23c348732b4c/
153 KB
32 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/13429b27-07e6-4ef3-a4bc-2776b6cd7a94/f5e78fbf-19ac-49f8-aa86-23c348732b4c/pl.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099118939895a867b8f9b5080606e5543371711c888335575385d41310017ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
ZILd1XLV24ZxfSlGv3vLZg==
content-length
32959
x-ms-lease-status
unlocked
last-modified
Mon, 04 Dec 2023 10:00:55 GMT
server
cloudflare
etag
0x8DBF4AFE8382114
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
978b0ce1-801e-0053-3f86-4f1ab7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc353cea4bcf-BUF
expires
Sun, 28 Jan 2024 21:10:55 GMT
iab2V2Data.json
cdn.cookielaw.org/vendorlist/
545 KB
70 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1209eb3aaf54011199c61467559db866056e3debf2e0ae4005916f757f46293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
CH9R2rdntynjC3joOFDQiA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
71810
x-ms-lease-status
unlocked
last-modified
Sat, 27 Jan 2024 13:35:54 GMT
server
cloudflare
etag
0x8DC1F3CE2F57D7C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
269ddc5d-d01e-005e-6430-51d263000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc353cec4bcf-BUF
otTCF.js
cdn.cookielaw.org/scripttemplates/202311.1.0/
39 KB
12 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
gyFx8CMZToitPimiGpQzBw==
age
74593
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11706
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:50 GMT
server
cloudflare
etag
0x8DC010C1013AA8F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3a4042ff-901e-003d-0515-334f98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc353bab6aee-BUF
jquery-2.2.0.min.js
code.jquery.com/
84 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
11587656
x-cache
HIT, HIT
content-length
29875
x-served-by
cache-lga21967-LGA, cache-nyc-kteb1890051-NYC
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1706389856.637028,VS0,VE0
etag
W/"28feccc0-14e55"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
6, 18699
/
i.gremicdn.pl/image/free/8e383a0455d2aaf481918cc9115c4371/
31 KB
31 KB
Image
General
Full URL
https://i.gremicdn.pl/image/free/8e383a0455d2aaf481918cc9115c4371/?t=crop:336:336:nowe:0:6,resize:fill:230:230,enlarge:1
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbf440d8cdc52e7dda0d42f3a3c365a7d43e7be19c6827096b9a0821eb0bf41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 20:54:14 GMT
date
Sat, 27 Jan 2024 21:10:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
content-disposition
inline; filename="8e383a0455d2aaf481918cc9115c4371.jpg"
alt-svc
h3=":443"; ma=86400
cdn-cache-control
stale-if-error=31536000
x-request-id
SOnuqCymyl-f9OvO0-hvs
last-modified
Sat, 27 Jan 2024 21:10:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lg%2B5Hqzah6q1r8qzEMVuGGO7fe4%2FGH01i%2F%2Bm6jiyV%2BKDPDzgkNLuygw29mjaS%2B3EOS7VO8wycxhCpTxEN44xSQf%2F7ODNyjsMpoF7%2FECJRBNKoyrhWI5%2BrC16yAeTMNYhOYMFcc5YI2gLl4vR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
cf-ray
84c3fc355eef4bbb-BUF
x-cache-hits
1
/
i.gremicdn.pl/image/free/22969c2a41cdc3a6f791e7b8ccfeddcf/
14 KB
14 KB
Image
General
Full URL
https://i.gremicdn.pl/image/free/22969c2a41cdc3a6f791e7b8ccfeddcf/?t=crop:336:336:nowe:0:6,resize:fill:230:230,enlarge:1
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27181652ad8bec8ad3de045bf5241e7a3efce069c075d81e6137f12fed52dd01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 21:10:55 GMT
date
Sat, 27 Jan 2024 21:10:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-disposition
inline; filename="22969c2a41cdc3a6f791e7b8ccfeddcf.png"
alt-svc
h3=":443"; ma=86400
cdn-cache-control
stale-if-error=31536000
x-request-id
Q3S_Lzb-XEpDVFFAYhkCH
last-modified
Sat, 27 Jan 2024 21:10:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZonXS2fP56f6SXIBs2fH0dKH5%2FoccENF5XpsUwbSDG01Vg2NiJVicUB1BkUYMdGMq0psO8Y2ARUZGZCfdB4Ji9%2Bbmj1XQjo5WODqzGg5ZFNEv8tBmMQaa4hBMjnP9Jys982QXS2%2FBDdWe3M1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
cf-ray
84c3fc355ef04bbb-BUF
x-cache-hits
0
step1.html
login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/3p-cookies/ Frame C37A
2 KB
3 KB
Document
General
Full URL
https://login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: statics.rp.pl
URL: https://statics.rp.pl/dist/js/common-bundle.min.js?aver=b44c2c9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d663bb27ffd436448054de71f95009215a6d04f26e21448caae57a0fbafd6ec5
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://za.railfacts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate, no-transform, no-store
cf-cache-status
DYNAMIC
cf-ray
84c3fc35f8d34bd8-BUF
content-length
2273
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Sat, 27 Jan 2024 21:10:56 GMT
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
embed.min.js
cdn.onnetwork.tv/js/player90/
87 KB
29 KB
Script
General
Full URL
https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1706280891
Requested by
Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?sid=MjdZLDAsWVY%3D&iid=456
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.102.223 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w12.of.pl
Software
XO.webservantpro /
Resource Hash
bbf57f1acecebda40c09c8e6cf73bff8e905d83dadcbc103d02232b0c653896a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Sat, 27 Jan 2024 21:10:55 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 26 Jan 2024 14:54:51 GMT
server
XO.webservantpro
etag
W/"65b3c7bb-15dbc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=17280000, public
expires
Wed, 14 Aug 2024 21:10:55 GMT
a_cntg.png
cdn.onnetwork.tv/cnt/
126 B
332 B
Image
General
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1706389855578&d=7654&wsc=00&typ=embed&mobile=0&c=43
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.102.223 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w12.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
last-modified
Saturday, 27-Jan-2024 21:10:55 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
fpdata.js
rp.hit.gemius.pl/
282 B
396 B
Script
General
Full URL
https://rp.hit.gemius.pl/fpdata.js?href=za.railfacts.com
Requested by
Host: rp.hit.gemius.pl
URL: https://rp.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-195-177-216-95.dataspace.pl
Software
GHC /
Resource Hash
e3628ca641a583256262ef33ac7669a5cf03c6847648ec2bff8c5f037107c9d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:55 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
282
expires
Mon, 26 Feb 2024 21:10:55 GMT
lsget.html
ls.hit.gemius.pl/ Frame 94FD
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: rp.hit.gemius.pl
URL: https://rp.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
8b34dbe0af8faeaea883e25e15a8386acd6d40bc89273f4067af757d39b8fb35

Request headers

Referer
https://za.railfacts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2715
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 21:10:56 GMT
etag
PRIVATE7520710249
expires
Mon, 26 Feb 2024 21:10:56 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1591989807909190&ev=PageView&dl=https%3A%2F%2Fza.railfacts.com%2F&rl=&if=false&ts=1706389855704&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706389855702.1540805621&ler=empty&cdl=API_unavailable&it=1706389855455&coo=false&exp=d1&rqm=GET
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 27 Jan 2024 21:10:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
274
api-esp-eu.piano.io/publisher/fusion/lucid/data/
51 B
223 B
XHR
General
Full URL
https://api-esp-eu.piano.io/publisher/fusion/lucid/data/274?email=&visitor=&stored_visitor=&pnespid=
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ea89acd44916e795c2a708850efb30da5a90be7dcf8fc60e29cb3c2a0e1eed
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"33-7hHKWJEY7PY5oVhCInzbq227yi4"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://za.railfacts.com
access-control-allow-credentials
true
cf-ray
84c3fc37cc4d6aed-BUF
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
274
api-esp-eu.piano.io/publisher/fusion/lucid/data/ Frame
0
0
Preflight
General
Full URL
https://api-esp-eu.piano.io/publisher/fusion/lucid/data/274?email=&visitor=&stored_visitor=&pnespid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://za.railfacts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://za.railfacts.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84c3fc36db444bc3-BUF
date
Sat, 27 Jan 2024 21:10:55 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
matomo.php
stats.rp.pl/
0
156 B
Ping
General
Full URL
https://stats.rp.pl/matomo.php?action_name=Tauron%20ko%C5%84czy%20remont%20Jaworzna%20-%20rp.pl&idsite=6&rec=1&r=993459&h=11&m=10&s=55&url=https%3A%2F%2Fza.railfacts.com%2F&_id=e1321f5460318c46&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=VKjQkI&pf_net=217&pf_srv=1283&pf_tfr=173&pf_dm1=637&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: stats.rp.pl
URL: https://stats.rp.pl/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.15
vary
Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://za.railfacts.com
access-control-allow-credentials
true
cf-ray
84c3fc36a88b4bc0-BUF
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/804816147/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/804816147/?random=1706389855487&cv=11&fst=1706389855487&bg=ffffff&guid=ON&async=1&gtm=45He41o0v9103527763&gcd=11l1l1l1l1&dma=0&tcfd=10000&u_w=1600&u_h=1200&url=https%3A%2F%2Fza.railfacts.com%2F&hn=www.googleadservices.com&frm=0&tiba=Tauron%20ko%C5%84czy%20remont%20Jaworzna%20-%20rp.pl&pscdl=noapi&auid=2093462516.1706389856&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8G4THH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca5b4f05d3e266bee3e647232915e54b0affc162feee50860a792b2702ca93db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1254
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
254 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-Q5M7845HMR&gtm=45je41o0v9103434331z89103527763&_p=1706389854967&_gaz=1&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1058682929.1706389856&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706389855&sct=1&seg=0&dl=https%3A%2F%2Fza.railfacts.com%2F&dt=Tauron%20ko%C5%84czy%20remont%20Jaworzna%20-%20rp.pl&en=page_view&_fv=1&_nsi=1&_ss=1&ep.author=Bart%C5%82omiej%20Sawicki&ep.content_main_category_name=Ciep%C5%82o&ep.content_paywall_accessibility=preview&ep.content_paywall_category=standard&ep.page_type=content&ep.page_subtype=article&up.adblock_detection=false&up.userIsLogged=false&up.userIsSubscribent=false&tfd=2637
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q5M7845HMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://za.railfacts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
245 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q5M7845HMR&cid=1058682929.1706389856&gtm=45je41o0v9103434331z89103527763&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q5M7845HMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://za.railfacts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LlCwctzybjJLq5Tzx/YKvA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2626
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:44 GMT
server
cloudflare
etag
0x8DC010C0CFD6B27
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e56d19f3-101e-007e-6b30-51a9c4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc38289e4bcf-BUF
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
yvXg9cqHerDDeRorhtpvbQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12700
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:46 GMT
server
cloudflare
etag
0x8DC010C0DDC5F1F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6374e6e7-a01e-007b-2b86-4f7b1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc3828a14bcf-BUF
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Wed, 20 Dec 2023 03:30:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9e49dc75-c01e-0020-7d3d-504224000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84c3fc3828a24bcf-BUF
compass-multimedia-sdk.js
sdk.mrf.io/statics/
8 KB
3 KB
Script
General
Full URL
https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=887
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09088724c279c63fb21bb8c0576f4b30f94b2f78e5257e037460c14cba9d01bf

Request headers

Referer
https://za.railfacts.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
gzip
via
1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
79
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 25 Jan 2024 07:33:18 GMT
server
cloudflare
etag
W/"fe275c6dff73f3baac06c8f68edb6e69"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
84c3fc3859954bd2-BUF
x-amz-cf-id
Uo9cUaWj7VhtZReHH-DipKipsQ28z0-U65uyg3P3WLIGA3aOXscdig==
events
api.deep.bi/v1/streams/SBpc0iNzX7gk/
16 B
785 B
XHR
General
Full URL
https://api.deep.bi/v1/streams/SBpc0iNzX7gk/events
Requested by
Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b64c1c3f31b7e331c2aa373d81215a4c5af08963ba92831edaeed222787741a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
Authorization
bearer Da16NqKwj2619hxwdhdGH9u1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmKxi9iXYhCEBzpIUxDp%2Ft7AhxlcqpYFdYAvuadGHr4Xpo%2BmQHDtWTulWXUjZ%2FSCh8cmC6Zzk7%2BeYd6ROZ6qglOWU2gSXqTzT%2BOpHWfMmyrv3N6sIVYg2VzC%2FTQm51pa44u3SvPrgxz6"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://za.railfacts.com
p3p
policyref="http://api.deep.bi/w3c/p3p.xml", CP="ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
84c3fc3b6adc4bbd-BUF
content-length
16
expires
0
events
api.deep.bi/v1/streams/SBpc0iNzX7gk/ Frame
0
0
Preflight
General
Full URL
https://api.deep.bi/v1/streams/SBpc0iNzX7gk/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://za.railfacts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://za.railfacts.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
84c3fc38dc0c4bc1-BUF
date
Sat, 27 Jan 2024 21:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjY%2BMpYtE4BrOlLXc7ZK80V9Dp4uJyHlzWp2vHfFlSYWYJ4UCgnwfLRRJ4ulbFDk6ViLVb5E7JzJ9MUcBhdvh0FrLSBCnhGw13mZGZS5OXbTTjKFqeIpfGUjJ05hgJ5%2FTyHIBYGc8N%2Bn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
1.js
cdn.performax.cz/acc/ Frame D720
9 B
243 B
Script
General
Full URL
https://cdn.performax.cz/acc/1.js
Requested by
Host: cdn.performax.cz
URL: https://cdn.performax.cz/acc/loader.js?aab=loader
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.123.210.81 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
vpbx.canistec.cz
Software
nginx /
Resource Hash
4df35b802e0134b1ca900d905922d477845d332f5d7f53e7fe0fc9267b48bfd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
server
nginx
x-nginx-proxy
cdn1
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
9
expires
Sun, 28 Jan 2024 21:10:56 GMT
2.js
cdn.performax.cz/acc/ Frame D720
9 B
243 B
Script
General
Full URL
https://cdn.performax.cz/acc/2.js
Requested by
Host: cdn.performax.cz
URL: https://cdn.performax.cz/acc/loader.js?aab=loader
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.123.210.81 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
vpbx.canistec.cz
Software
nginx /
Resource Hash
152415db6a40e18d456cf2acd8fe14fb97f09e92c12b199612781f0a3e8ee11a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
server
nginx
x-nginx-proxy
cdn1
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
9
expires
Sun, 28 Jan 2024 21:10:56 GMT
/
www.google.com/pagead/1p-user-list/804816147/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/804816147/?random=1706389855487&cv=11&fst=1706389200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v9103527763&u_w=1600&u_h=1200&url=https%3A%2F%2Fza.railfacts.com%2F&frm=0&tiba=Tauron%20ko%C5%84czy%20remont%20Jaworzna%20-%20rp.pl&fmt=3&is_vtc=1&cid=CAQSGwAvHhf__jj_u-ecXblpYkTbh4KXt0pm6h1UGQ&random=2269185180&rmt_tld=0&ipr=y
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sm_war.6ea6cc2dec716b451eae.js
www.salesmanago.pl/static/chunk/
5 KB
2 KB
Script
General
Full URL
https://www.salesmanago.pl/static/chunk/sm_war.6ea6cc2dec716b451eae.js
Requested by
Host: www.salesmanago.pl
URL: https://www.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
a4b9a8d8bedd32188375912e7ef118adef7e215b396e2d976edebebc90dff322
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
last-modified
Mon, 22 Jan 2024 13:37:35 GMT
server
Apache
etag
"14b5-60f88eebe6a34-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
accept-ranges
bytes
content-length
2074
expires
Sat, 27 Jan 2024 22:10:56 GMT
vc.json
vc-service.saleago.com/api/
2 KB
2 KB
XHR
General
Full URL
https://vc-service.saleago.com/api/vc.json?s=8bo7ex8u23mg66xi&i=1
Requested by
Host: www.salesmanago.pl
URL: https://www.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.154.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.154.110.34.bc.googleusercontent.com
Software
/
Resource Hash
67a9c8f3ae6d427dd3c7ab14ac8323f35b766b59091ef6a7b1e73c0746d03a32

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 21:10:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1970
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=utf-8
vs
www.salesmanago.pl/api/
24 B
283 B
XHR
General
Full URL
https://www.salesmanago.pl/api/vs?location=za.railfacts.com&referrer=
Requested by
Host: www.salesmanago.pl
URL: https://www.salesmanago.pl/static/sm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
ad90eed55da429579ff1f8e62cc1c23eaa5dd62b74cae29c83a777bc25a7623b
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
expires
Sat, 27 Jan 2024 21:10:57 GMT
r.gif
www.salesmanago.pl/api/
43 B
412 B
Image
General
Full URL
https://www.salesmanago.pl/api/r.gif?uri=%2F&location=za.railfacts.com&uuid=18d4cc2dfbc-77086e061ac0-7c64a05c-45020d07-e804101c-a4d73ef15f1e&referrer=&smid=8bo7ex8u23mg66xi&time=2024-01-27T21%3A10%3A56Z&timestamp=1706389856195&session=1&title=Tauron%20ko%C5%84czy%20remont%20Jaworzna%20-%20rp.pl&cp=1706389856196&ns=true&fp=069fa301a2c4b38c98482e2e6287e10f
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.227.202.129 , Poland, ASN31242 (TKPSA-AS, PL),
Reverse DNS
host91227202129.3s.pl
Software
Apache /
Resource Hash
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
Security Headers
Name Value
Strict-Transport-Security max-age=31540000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31540000
server
Apache
vary
Accept-Encoding
content-type
image/gif;charset=UTF-8
cache-control
max-age=0
expires
Sat, 27 Jan 2024 21:10:56 GMT
flexo.js
cdn.performax.cz/px2/
48 KB
21 KB
Script
General
Full URL
https://cdn.performax.cz/px2/flexo.js?aab=ulite_loaderv2.43.0
Requested by
Host: cdn.performax.cz
URL: https://cdn.performax.cz/acc/loader.js?aab=loader
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.123.210.81 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
vpbx.canistec.cz
Software
nginx /
Resource Hash
c7a8fdd4adac64c88b5e70b56fe9686f3f1291ea93fa034bc83adde6a1046f38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
gzip
server
nginx
x-nginx-proxy
cdn1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Sat, 27 Jan 2024 22:10:56 GMT
frame86.php
video.onnetwork.tv/
133 B
303 B
Fetch
General
Full URL
https://video.onnetwork.tv/frame86.php?id=ffONNP7d412be6717169a1a6db008fc43e612417063898562631&iid=456&e=1&lang=0&onnsfonn=1&mid=MCwxNng5LDQsMCwyMDcxLDc2NTQsMCwwLDEsMCwwLDAsOCwwLDQsMSwwLDEsMCwwLDAsMCwwLDAsMCwyLDAsMDstMTstMTswO0JMOzA7MDswOzUyLDAsNDksMCwwLDAsMDswOzA7MDswOzA7MCww&wtop=https%253A%252F%252Fza.railfacts.com%252F&apop=0&vpop=0&apopa=0&vpopa=0&rrpt=%7B%22amznbid%22%3A%5B%220%22%5D%2C%22amznp%22%3A%5B%220%22%5D%2C%22CxSegments%22%3Anull%7D
Requested by
Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/js/player90/embed.min.js?s=1706280891
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.202.152.44 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11.eris-k.of.pl
Software
XO.webservant /
Resource Hash
b3ad55ff492785523426f6cfd8cb9a3b6b0310e0fee01cdeb45d91eb66e788f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 27 Jan 2024 21:10:56 GMT
last-modified
Sat, 27 Jan 2024 21:10:56 GMT
server
XO.webservant
vary
Accept-Encoding
p3p
CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin
https://za.railfacts.com
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy
fullscreen *; autoplay;
access-control-allow-credentials
true
content-length
132
expires
Sat, 27 Jan 2024 21:10:57 GMT
a_cntg.png
cdn.onnetwork.tv/cnt/
126 B
331 B
Image
General
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1706389856263&d=7654&wsc=00&typ=embed&mobile=0&c=47
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.102.223 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w12.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
last-modified
Saturday, 27-Jan-2024 21:10:56 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
a_cntg.png
cdn.onnetwork.tv/cnt/
126 B
331 B
Image
General
Full URL
https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1706389856271&d=7654&wsc=00&typ=embed&mobile=0&c=40
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.102.223 , France, ASN16276 (OVH, FR),
Reverse DNS
vh11b.eris-w12.of.pl
Software
XO.webservantpro /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
last-modified
Saturday, 27-Jan-2024 21:10:56 GMT
server
XO.webservantpro
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
126
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
488 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 20:55:21 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
48ef06dd-f01e-0004-4c3e-50b484000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84c3fc3a1b084bcf-BUF
Gremi_Media_logo_transparent.png
cdn.cookielaw.org/logos/b12a3751-8603-4126-8348-6313c00443ad/e0702e7d-d2bf-4770-a35b-5a9956c24cf9/481ec588-7a73-4741-a114-1855ef683e86/
29 KB
29 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/b12a3751-8603-4126-8348-6313c00443ad/e0702e7d-d2bf-4770-a35b-5a9956c24cf9/481ec588-7a73-4741-a114-1855ef683e86/Gremi_Media_logo_transparent.png
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e57930fb7ca7514eb9513086ff11574851ebe99ba3779106a1236be6de98c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
4KNkEJi/5L9ODWyMVDvwCw==
age
14666
content-length
29891
x-ms-lease-status
unlocked
last-modified
Wed, 06 Sep 2023 14:54:29 GMT
server
cloudflare
etag
0x8DBAEE92C5AD204
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
4739a6e2-401e-004c-249b-17a9b3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc3a5ba96aee-BUF
Gremi_Media_logo_transparent.png
cdn.cookielaw.org/logos/b12a3751-8603-4126-8348-6313c00443ad/66296608-2634-4aee-b075-2f2748e2f0d6/7a15c7f0-d374-4e67-adfe-2837a3ea2117/
29 KB
29 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/b12a3751-8603-4126-8348-6313c00443ad/66296608-2634-4aee-b075-2f2748e2f0d6/7a15c7f0-d374-4e67-adfe-2837a3ea2117/Gremi_Media_logo_transparent.png
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e57930fb7ca7514eb9513086ff11574851ebe99ba3779106a1236be6de98c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
4KNkEJi/5L9ODWyMVDvwCw==
age
14666
content-length
29891
x-ms-lease-status
unlocked
last-modified
Wed, 13 Sep 2023 10:23:45 GMT
server
cloudflare
etag
0x8DBB44382C73CDD
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
6eb4060b-901e-004f-7b9b-1748d7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
84c3fc3a5bab6aee-BUF
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
46127
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jan 2024 20:55:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9f383b3d-d01e-003c-600b-501044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
84c3fc3a5bad6aee-BUF
login-status-iframe.html
login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/ Frame A500
3 KB
3 KB
Document
General
Full URL
https://login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/login-status-iframe.html
Requested by
Host: statics.rp.pl
URL: https://statics.rp.pl/dist/js/common-bundle.min.js?aver=b44c2c9d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b3a2e6395838b40e3397fad5e96657412fa9e1ffefbc81f0029e476df499a6
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://za.railfacts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate, no-transform, no-store
cf-cache-status
DYNAMIC
cf-ray
84c3fc3afd114bd8-BUF
content-length
2637
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Sat, 27 Jan 2024 21:10:56 GMT
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
e87054ded32ae473684f.js
sdk.mrf.io/statics/
51 KB
13 KB
Script
General
Full URL
https://sdk.mrf.io/statics/e87054ded32ae473684f.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=887
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29de72896b6c83b67a67bbbdd8b125541784c50c892aea043f3e7409c7899dbc

Request headers

Referer
https://za.railfacts.com/
Origin
https://za.railfacts.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
content-encoding
gzip
via
1.1 c08a0ab3127361278a0f4d97c34cd682.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
CDG52-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
30
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jan 2024 15:35:40 GMT
server
cloudflare
etag
W/"6d29da5f1031a7a6d4650f8d8b71306d"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
84c3fc3acbdd4bd2-BUF
x-amz-cf-id
vNvd2JkgO8oR74NkPt1ckzA2KIWVPZr49FEnbnFBzwVW55zG0-5z1w==
rexdot.js
rp.hit.gemius.pl/__/_1706389856464/
Redirect Chain
  • https://rp.hit.gemius.pl/_1706389856464/rexdot.js?l=100&sendf=24&id=csrgwktZfv9Ixp1PL4mfPLRHP32y3Xr8rmoivNMBEpb.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=600&fv=-&href=https%3A%2F%2Fza.rail...
  • https://rp.hit.gemius.pl/__/_1706389856464/rexdot.js?l=100&sendf=24&id=csrgwktZfv9Ixp1PL4mfPLRHP32y3Xr8rmoivNMBEpb.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=600&fv=-&href=https%3A%2F%2Fza.r...
167 B
547 B
Script
General
Full URL
https://rp.hit.gemius.pl/__/_1706389856464/rexdot.js?l=100&sendf=24&id=csrgwktZfv9Ixp1PL4mfPLRHP32y3Xr8rmoivNMBEpb.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=600&fv=-&href=https%3A%2F%2Fza.railfacts.com%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ye8l..PVtRVBeuIy.CO9DINC4DibipCCy_.B30JSqJf.w7S80fCvkcg6F4nBrrZuM_xvchmk2NvtpAJitvpoZdMuFIAf/j1wyIrNUoSzYF/&fpdata=3VbKtC5tMvavZsj2PZPjEy9qFbVynDkPFEuwgegqaen.L7&ltime=780&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65b5715f28aab500&brts=1706389856&fpcap=
Requested by
Host: za.railfacts.com
URL: https://za.railfacts.com/
Protocol
H2
Server
195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-195-177-216-95.dataspace.pl
Software
GHC /
Resource Hash
07f0d9ab0ec69b41890acb3de662b4fca6dd05490e8059e4f649b6d4a9e5996e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:56 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
167
expires
Fri, 26 Jan 2024 21:10:56 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:56 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1706389856464/rexdot.js?l=100&sendf=24&id=csrgwktZfv9Ixp1PL4mfPLRHP32y3Xr8rmoivNMBEpb.t7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=600&fv=-&href=https%3A%2F%2Fza.railfacts.com%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ye8l..PVtRVBeuIy.CO9DINC4DibipCCy_.B30JSqJf.w7S80fCvkcg6F4nBrrZuM_xvchmk2NvtpAJitvpoZdMuFIAf/j1wyIrNUoSzYF/&fpdata=3VbKtC5tMvavZsj2PZPjEy9qFbVynDkPFEuwgegqaen.L7&ltime=780&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65b5715f28aab500&brts=1706389856&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Fri, 26 Jan 2024 21:10:56 GMT
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/e87054ded32ae473684f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96db4dac8a44b046af70bfd9b2ee7bab886cb97a93c7c0ea08fdb5de0a09d4e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 27 Jan 2024 21:10:56 GMT
init
login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/login-status-iframe.html/ Frame A500
0
0
Fetch
General
Full URL
https://login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/login-status-iframe.html/init?client_id=rp&origin=https%3A%2F%2Fza.railfacts.com
Requested by
Host: login.gremimedia.pl
URL: https://login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/login-status-iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84c3fc3cdf1c4bd8-BUF
content-length
0
x-xss-protection
1; mode=block
www-widgetapi.js
www.youtube.com/s/player/cb886c6c/www-widgetapi.vflset/
216 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/cb886c6c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3051a90084894b6f43440c9501c73d59926c72f9fd05fd67c5bb9ba3771e74be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 16:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
16308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68501
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 05:49:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 26 Jan 2025 16:39:08 GMT
dw-check.html
experiences.mrf.io/passexperience/ Frame D85C
3 KB
1 KB
Document
General
Full URL
https://experiences.mrf.io/passexperience/dw-check.html?v=6
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2941
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://za.railfacts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1679905
alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, s-maxage=2592000
cf-cache-status
HIT
cf-ray
84c3fc3e58a14bcd-BUF
content-encoding
gzip
content-type
text/html
date
Sat, 27 Jan 2024 21:10:57 GMT
last-modified
Mon, 08 Jan 2024 08:31:32 GMT
server
cloudflare
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
rum
energia.rp.pl/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://energia.rp.pl/cdn-cgi/rum?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://za.railfacts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://za.railfacts.com
access-control-max-age
86400
cf-ray
84c3fc3def2e4bcc-BUF
content-encoding
gzip
content-type
text/plain
date
Sat, 27 Jan 2024 21:10:56 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
energia.rp.pl/cdn-cgi/
0
60 B
XHR
General
Full URL
https://energia.rp.pl/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Sat, 27 Jan 2024 21:10:57 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://za.railfacts.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
84c3fc3e1f874bcc-BUF
events
api.deep.bi/v1/streams/SBpc0iNzX7gk/ Frame
0
0
Preflight
General
Full URL
https://api.deep.bi/v1/streams/SBpc0iNzX7gk/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://za.railfacts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://za.railfacts.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
84c3fc3dfc2a4bc1-BUF
date
Sat, 27 Jan 2024 21:10:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s794w65oR%2Fai914iZPrPGwgLjvJ8xlFJVgGRdm2d7w3fEzzsFsTkZ9qNBpWTOMvRH0ag0z77sokLA37X4An%2FUDpZeh1dV6NpgHj56EHM6JE7ayLt0f8E5g9p6hHaRS31q3M2voXVam%2BR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
events
api.deep.bi/v1/streams/SBpc0iNzX7gk/
0
277 B
XHR
General
Full URL
https://api.deep.bi/v1/streams/SBpc0iNzX7gk/events
Requested by
Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
Authorization
bearer Da16NqKwj2619hxwdhdGH9u1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 21:10:57 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N3gDty1N71Bxoem15i0S%2BP5lUdMeQ9MP8EboTv1utOAdOin%2F8t1aGULbVOZQ6N%2BeYWtUA%2BBdnSEgm7%2FGtnID5pb7CCJywXqb%2B3FcVUjOKNCakmMQ9fuGpkbMmHYTUpzeUr2xfCbhpkf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://za.railfacts.com
access-control-allow-credentials
true
cf-ray
84c3fc3ee8634bbd-BUF
events
api.deep.bi/v1/streams/SBpc0iNzX7gk/
0
252 B
XHR
General
Full URL
https://api.deep.bi/v1/streams/SBpc0iNzX7gk/events
Requested by
Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
Authorization
bearer Da16NqKwj2619hxwdhdGH9u1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jan 2024 21:10:57 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlwKd4iCURJEvLv%2FF8zEcLRxWyKJPY6ZfUT05DzbvisEbepCfrTxluj%2FyewtLVBaOjCTEWeXfHZWIL6c3KsN%2BVkakfHeIhCjzM0dQOlFsr7ITg77lx3MQymwb48mbOthQGobjhJ26egc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://za.railfacts.com
access-control-allow-credentials
true
cf-ray
84c3fc4029fb4bbd-BUF
events
api.deep.bi/v1/streams/SBpc0iNzX7gk/ Frame
0
0
Preflight
General
Full URL
https://api.deep.bi/v1/streams/SBpc0iNzX7gk/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://za.railfacts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://za.railfacts.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
84c3fc3dfc334bc1-BUF
date
Sat, 27 Jan 2024 21:10:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYhXBW7wfJVWgSiusPd8fYs8zR8kcvXiqLo4Jy6wbr0EBRMm%2Fk413dVLcbLORmJSBTW4D6K%2BRyhbqPSNTjCOjXPyGstxHZMSqzfqMrTGwtzb66%2BIh9zPtLqrucn9G9UNuLL%2B0ehY5ACK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
/
dale.performax.cz/
5 KB
2 KB
XHR
General
Full URL
https://dale.performax.cz/?slotId=rp-pl-aab-conf&client=flexo:v2.63.1&aab=ulite_loader
Requested by
Host: cdn.performax.cz
URL: https://cdn.performax.cz/px2/flexo.js?aab=ulite_loaderv2.43.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.239.227.28 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
85-239-227-28.nlooud.com
Software
openresty /
Resource Hash
e44ce869cece17cd45a5cdddc9b129c0429c084dcd86b5d74996f9533f59b447

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 27 Jan 2024 21:10:58 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://za.railfacts.com
access-control-allow-credentials
true
x-server
px2-delivery7-nginx
x-time
0.005
/
dale.performax.cz/ Frame
0
0
Preflight
General
Full URL
https://dale.performax.cz/?slotId=rp-pl-aab-conf&client=flexo:v2.63.1&aab=ulite_loader
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.239.227.28 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
85-239-227-28.nlooud.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://za.railfacts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, x-requested-with, content-type, accept
access-control-allow-methods
POST
access-control-allow-origin
https://za.railfacts.com
access-control-max-age
864000
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 27 Jan 2024 21:10:58 GMT
server
openresty
x-server
px2-delivery7-nginx
redot.js
rp.hit.gemius.pl/_1706389857886/
2 B
427 B
Script
General
Full URL
https://rp.hit.gemius.pl/_1706389857886/redot.js?l=109&sendf=16&id=csrgwktZfv9Ixp1PL4mfPLRHP32y3Xr8rmoivNMBEpb.t7&et=smpsonar&hsrc=0&extra=_ASF%3D40&eventid=1706389856&tz=600&fv=-&href=https%3A%2F%2Fza.railfacts.com%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ye8l..PVtRVBeuIy.CO9DINC4DibipCCy_.B30JSqJf.w7S80fCvkcg6F4nBrrZuM_xvchmk2NvtpAJitvpoZdMuFIAf/j1wyIrNUoSzYF/&fpdata=3VbKtC5tMvavZsj2PZPjEy9qFbVynDkPFEuwgegqaen.L7&ltime=780&fr=1&ref=&inner=_ver%3D347%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=65b5715f28aab500&brts=1706389857&fpcap=
Requested by
Host: rp.hit.gemius.pl
URL: https://rp.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
195.177.216.95 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS
host-195-177-216-95.dataspace.pl
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:10:57 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
2
expires
Fri, 26 Jan 2024 21:10:57 GMT
matomo.php
stats.rp.pl/
0
59 B
Ping
General
Full URL
https://stats.rp.pl/matomo.php
Requested by
Host: stats.rp.pl
URL: https://stats.rp.pl/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sat, 27 Jan 2024 21:10:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.15
vary
Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://za.railfacts.com
access-control-allow-credentials
true
cf-ray
84c3fc462f314bc0-BUF
insert_rtb.js
cdn.performax.cz/acc/
24 KB
10 KB
Script
General
Full URL
https://cdn.performax.cz/acc/insert_rtb.js?473997
Requested by
Host: cdn.performax.cz
URL: https://cdn.performax.cz/px2/flexo.js?aab=ulite_loaderv2.43.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.123.210.81 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
vpbx.canistec.cz
Software
nginx /
Resource Hash
f5335839a41014bd7cb15f8e4037cd55f1d421301f3d54f6815b512e6cc11de1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:58 GMT
content-encoding
gzip
server
nginx
x-nginx-proxy
cdn1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600, private
access-control-allow-credentials
true
expires
Sat, 27 Jan 2024 22:10:58 GMT
imp
chip.performax.cz/
43 B
160 B
Image
General
Full URL
https://chip.performax.cz/imp?creative_id=85263&slot_id=18183&req_id=s7xuu9-srp-pl-aab-conf-1l42lt&pv_id=s7xuu8-pv-1ax0u5&device=desktop&os=windows&browser=chrome&unsafe=0&autoreload_type=none&cmp=cmpuishown&aab=ulite_loader
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.123.221.198 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
109-123-221-198.nlooud.com
Software
openresty /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:59 GMT
cache-control
no-store
x-server
px2-counting6-nginx
server
openresty
x-time
0.0
content-length
43
content-type
image/gif
1.js
cdn.performax.cz/acc/
9 B
243 B
Script
General
Full URL
https://cdn.performax.cz/acc/1.js?v=v2.43.0
Requested by
Host: cdn.performax.cz
URL: https://cdn.performax.cz/acc/insert_rtb.js?473997
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.123.210.81 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
vpbx.canistec.cz
Software
nginx /
Resource Hash
4df35b802e0134b1ca900d905922d477845d332f5d7f53e7fe0fc9267b48bfd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:58 GMT
server
nginx
x-nginx-proxy
cdn1
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
9
expires
Sun, 28 Jan 2024 21:10:58 GMT
2.js
cdn.performax.cz/acc/
9 B
243 B
Script
General
Full URL
https://cdn.performax.cz/acc/2.js?v=v2.43.0
Requested by
Host: cdn.performax.cz
URL: https://cdn.performax.cz/acc/insert_rtb.js?473997
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.123.210.81 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS
vpbx.canistec.cz
Software
nginx /
Resource Hash
152415db6a40e18d456cf2acd8fe14fb97f09e92c12b199612781f0a3e8ee11a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://za.railfacts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:10:58 GMT
server
nginx
x-nginx-proxy
cdn1
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400, private
access-control-allow-credentials
true
accept-ranges
bytes
content-length
9
expires
Sun, 28 Jan 2024 21:10:58 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-Q5M7845HMR&gtm=45je41o0v9103434331z89103527763&_p=1706389854967&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1058682929.1706389856&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1706389855&sct=1&seg=0&dl=https%3A%2F%2Fza.railfacts.com%2F&dt=Tauron%20ko%C5%84czy%20remont%20Jaworzna%20-%20rp.pl&_s=2&tfd=7653
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q5M7845HMR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 27 Jan 2024 21:11:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://za.railfacts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest.php
events.newsroom.bi/
126 B
516 B
XHR
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=2941
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.128.96.202 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer
https://za.railfacts.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 27 Jan 2024 21:11:01 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://za.railfacts.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
86

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| OneTrustStub function| OptanonWrapper function| onYouTubeIframeAPIReady function| getCookie function| setCookie function| getUser boolean| adDebug object| commercialBreakConfig function| showAdditionalMarketingBlock string| contentBodySectionAdvertFallback function| hideAdvertLabel function| checkAdBlock function| getBreakpointName function| isMobileBreakpoint function| checkCommercialBreak object| apstag function| renderAdvert object| gas object| pbjs object| adTargets object| googletag function| renderLoadMoreBillboard function| renderLoadMoreRectangle function| renderLoadMoreScript string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| gtag object| dataLayer number| deepInitializerListenerId function| fbq function| _fbq object| _paq function| e function| t object| marfeel function| setRPPLUuid function| pushDataLayer object| initialObject object| user object| FCM_CONFIG string| VAPID_PUBLIC_KEY string| FCM_API_ENDPOINT object| commercialBreakFormat function| isCBTestingRequest function| isCloseButtonDisabled function| incrementDailyCounter function| canShowCommercialBreak function| elementEvent function| registerClickElements function| processAddMessage object| commercialBreak object| commercialBreakSlot boolean| showCloseButtonOnRenderEnded number| showCloseButtonWithDelay function| receiveOnnetworkInfo function| injectAdvert object| lazyLoadOptions object| ggeac object| google_tag_data object| google_js_reporting_queue object| SUBSCRIPTIONS object| SWG object| default_gsi object| _F_toggles object| google function| GaaGoogleSignInButton function| GaaGoogle3pSignInButton function| GaaSignInWithGoogleButton function| GaaMeteringRegwall function| GaaMetering object| _aps boolean| apstagLOADED object| apscustom object| pbjsChunk object| _pbjsGlobals object| invibes function| fbAsyncInit object| lazyLoadInstance string| _smid string| SalesmanagoObject function| sm object| PianoESPConfig undefined| google_measure_js_timing string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| google_tag_manager object| __cfBeacon object| closure_lm_321580 object| PianoESP boolean| isLogged function| customizeCMP function| initPushNotifications string| _ONND_URL_EMBED string| _ONND_URL_CDN_EMBED string| _ONNPBaseId function| ONTVdebug object| webpackChunk_marfeel_marfeel_sdk object| tp function| _typeof function| _createClass function| _classCallCheck object| deepUtils object| deepBrowserUtils object| deepQueryString object| deepTracker object| sessionManager object| visibly function| deep object| otIabModule object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_cmd function| pp_gemius_cmd function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log undefined| $ undefined| jQuery object| Optanon object| OneTrust object| GooglebQhCsO object| gaGlobal object| __mrfCompass object| aabLite function| __smjsonp__ function| setImmediate function| clearImmediate object| ___sm.js___ object| smLiveChat function| smCreateCookie function| smReadCookie function| smFindContactIdByExternalId function| smEvent function| buildEventUrl undefined| client undefined| conversation undefined| smlid undefined| smpid object| storedClient object| smQueue function| listener object| px2 function| ONTVMiniatureEnabled function| ONTVdisposePlayer function| ONTVFSSwitch function| ONTVFSOff function| ONTVsendCommand function| ONTVAllPlayerIndex function| ONTVhideAllMiniature object| webpackChunk_marfeel_compass_multimedia_sdk object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| aab_rtb_config object| Criteo function| CriteoAdblock function| SklikAdblock number| acc_ok number| acc_bn

25 Cookies

Domain/Path Name / Value
za.railfacts.com/ Name: _subid
Value: 31e67do4pebo
za.railfacts.com/ Name: 591fc
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIzMDlcIjoxNzA2Mzg5ODUzfSxcImNhbXBhaWduc1wiOntcIjczN1wiOjE3MDYzODk4NTN9LFwidGltZVwiOjE3MDYzODk4NTN9In0.bkccGAf_3G2DKq7h2DvvatZ-tH1gZU_m0BYguVbxBpM
.railfacts.com/ Name: __rppl_uid
Value: 4057a6de-e261-4d15-b946-134e594d8797
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.piano.io/ Name: __cf_bm
Value: XiRETn23Ck_KTtoo_5CA1BfroaYou_dV5Eat78S8aN4-1706389855-1-AW6gIafRLHbdcqSq3GoSKIBcJibk076eQV/1kpVtzRgB/h0SPprHb89BGvem0Di1dv/xdg/tx4cLe3nHAPY5EyE=
.adform.net/ Name: uid
Value: 6965714492211818860
.railfacts.com/ Name: _fbp
Value: fb.1.1706389855702.1540805621
za.railfacts.com/ Name: _pk_id.6.e273
Value: e1321f5460318c46.1706389856.
za.railfacts.com/ Name: _pk_ses.6.e273
Value: 1
.railfacts.com/ Name: _gcl_au
Value: 1.1.2093462516.1706389856
.railfacts.com/ Name: _ga
Value: GA1.1.1058682929.1706389856
.railfacts.com/ Name: _ga_Q5M7845HMR
Value: GS1.1.1706389855.1.0.1706389855.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.railfacts.com/ Name: deepbi_firstparty_cookie
Value: clrwkgnco0p3ca3po05
.railfacts.com/ Name: deepbi_user_session
Value: 72b04755-d801-47f7-ab0a-0e8b86bd8d77|1
.railfacts.com/ Name: __gfp_64b
Value: 3VbKtC5tMvavZsj2PZPjEy9qFbVynDkPFEuwgegqaen.L7|1706389855
.za.railfacts.com/ Name: smvr
Value: eyJ2aXNpdHMiOjEsInZpZXdzIjoxLCJ0cyI6MTcwNjM4OTg1NjE4MywiaXNOZXdTZXNzaW9uIjp0cnVlfQ==
.za.railfacts.com/ Name: smuuid
Value: 18d4cc2dfbc-77086e061ac0-7c64a05c-45020d07-e804101c-a4d73ef15f1e
.za.railfacts.com/ Name: _smvs
Value: DIRECT
.youtube.com/ Name: YSC
Value: RWmTuCvJATw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: iq5dSK41WPw
.railfacts.com/ Name: deepbi_user_deepcookie
Value: lrwkgo67-1haas8c
.hit.gemius.pl/ Name: Gdyn
Value: KlxbpRMGQMGGUP6FO8Mtg3iUssGML1DiL6nxmG7aw5SnlZaUGsRP0QlGvGQpMF38SYS8RLpGDy2xFSy8w6jGsG..
.hit.gemius.pl/ Name: Gdynp
Value: RHGFxuZO2pTJXovjLHP_YJRVGNf9YTiaWV9x9hurl2j.L7

2 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1591989807909190?v=2.9.143&r=stable&domain=za.railfacts.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://login.gremimedia.pl/auth/realms/gremimedia/protocol/openid-connect/login-status-iframe.html/init?client_id=rp&origin=https%3A%2F%2Fza.railfacts.com
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
api-esp-eu.piano.io
api.deep.bi
c.amazon-adsystem.com
cdn.cookielaw.org
cdn.onnetwork.tv
cdn.performax.cz
cdn.rp.pl
chip.performax.cz
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
dale.performax.cz
energia.rp.pl
events.newsroom.bi
experiences.mrf.io
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.gremicdn.pl
login.gremimedia.pl
ls.hit.gemius.pl
news.google.com
rp.hit.gemius.pl
sdk.mrf.io
securepubads.g.doubleclick.net
static.cloudflareinsights.com
statics.rp.pl
stats.g.doubleclick.net
stats.rp.pl
track.adform.net
vc-service.saleago.com
video.onnetwork.tv
www.facebook.com
www.google.com
www.googletagmanager.com
www.salesmanago.pl
www.youtube.com
za.railfacts.com
108.138.106.70
108.157.151.146
109.123.210.81
109.123.221.198
145.239.237.56
149.202.152.44
195.177.216.95
2001:4860:4802:38::181
217.182.102.223
2606:4700:10::6816:4555
2606:4700:10::ac43:1e05
2606:4700:20::681a:fc5
2606:4700:3030::6815:5bb1
2606:4700:3033::6815:325a
2606:4700:3033::ac43:9fa2
2606:4700:3035::6815:4360
2606:4700:4400::ac40:9b77
2606:4700::6810:3865
2606:4700::6811:c276
2606:4700::6812:83ec
2607:f8b0:4004:c09::54
2607:f8b0:4004:c09::9a
2607:f8b0:4006:807::2002
2607:f8b0:4006:80d::2004
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42::649
34.110.154.184
37.157.4.28
57.128.96.202
85.239.227.28
91.227.202.129
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f0d9ab0ec69b41890acb3de662b4fca6dd05490e8059e4f649b6d4a9e5996e
09088724c279c63fb21bb8c0576f4b30f94b2f78e5257e037460c14cba9d01bf
099118939895a867b8f9b5080606e5543371711c888335575385d41310017ed3
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
09ff69974c9512ebf50fa2a9a0c8fbfb8f8624aab670208cad3f81a978147639
152415db6a40e18d456cf2acd8fe14fb97f09e92c12b199612781f0a3e8ee11a
196f22327d57f74877e2a049e9e0c63955d5415126691dde9a31544909458d8e
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b9dba5c66088a341bbc8b537ff0a8891a95d10cf2f3882a30d98fe06e2368ee
21e028789ff3742c7ca6dbbd78b5b103001fe1598aabbeeacb05a430b62da1da
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27181652ad8bec8ad3de045bf5241e7a3efce069c075d81e6137f12fed52dd01
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
29de72896b6c83b67a67bbbdd8b125541784c50c892aea043f3e7409c7899dbc
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
3051a90084894b6f43440c9501c73d59926c72f9fd05fd67c5bb9ba3771e74be
33ea89acd44916e795c2a708850efb30da5a90be7dcf8fc60e29cb3c2a0e1eed
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3e57930fb7ca7514eb9513086ff11574851ebe99ba3779106a1236be6de98c8e
4822fa2443c0317dc37db0463ae8cd5ad2ba1e6b3419763bfdbcb22c1c321bf5
4a945a1fd0a832f995d9943baf887c16fd4ad46d876d38847245b2c19f5b31c8
4be1addf4ee8c28eff431ef8bfbc475913c1234f6315c50047bc1eda86de71f3
4df35b802e0134b1ca900d905922d477845d332f5d7f53e7fe0fc9267b48bfd4
552379bfba7541e1a044efdb196d96a082c7be362b6b4696d6744eac510571b0
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5ee76a840bf4db62e3998c5b0e71012fb78c28b081a3c0859bb484c09afc090a
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
67a9c8f3ae6d427dd3c7ab14ac8323f35b766b59091ef6a7b1e73c0746d03a32
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
7059fe0eedb426fa3b23e603653d639f5abe0403f2c2bef40bbdbaeae92f2156
71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
773570c4a764cad142860665c95108a3007df5e6fa13c37b317c9f9de79dbbaa
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a
7ef7ea9d47fe86517e391a33a924526f94630387fcdc2ad2a920b91320ba33b4
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
80e4e0d9025d16fde3cc8a881627c20edc2b60a3d540e47e6503afc36a8dbb23
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a6d3f61f70611cc5a900c7b97cb1954f657526b81e3e9efe5b6bd701b65143
85df66e234e81a0f05e46be7033b62b82c087004a398369133852c2fcfa4df64
862b0c0bc493d16318e6043e446fb490c7240806e61db6dd934049e4a99de90b
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a45f35b9fa5b3b0694b00f905cac70927c905dc9f119f474bbe45c1179d17be
8a90c397013de8b191f065e823c36a264c452daa0f7543d9f92057dd51269207
8ab7623617614acd5746a7e1b5d29c348558f0c95ee450a68617c398a667764d
8b34dbe0af8faeaea883e25e15a8386acd6d40bc89273f4067af757d39b8fb35
8dbf440d8cdc52e7dda0d42f3a3c365a7d43e7be19c6827096b9a0821eb0bf41
96db4dac8a44b046af70bfd9b2ee7bab886cb97a93c7c0ea08fdb5de0a09d4e3
972d96ac2ae8d348a405eed483e05cdf043b9f180ee72f2e79521bcfb3a039fc
97b3a2e6395838b40e3397fad5e96657412fa9e1ffefbc81f0029e476df499a6
9a811246367093979c01fc9ea67e8db8c1b1e5abbd10fd669d6de163702c942b
9fc487a75eea98b11319aafde13f978f28438e37cd8bcf0fca3ac4f86812a607
a1209eb3aaf54011199c61467559db866056e3debf2e0ae4005916f757f46293
a4b9a8d8bedd32188375912e7ef118adef7e215b396e2d976edebebc90dff322
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
a809c2a4f7a017eb7040271b04bba1309fc57b4ec8413551b35c1bbec214aed1
ad90eed55da429579ff1f8e62cc1c23eaa5dd62b74cae29c83a777bc25a7623b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b225b553da329022367ef9806c9820cbb60051aede8489749a879cfc3bed0677
b3ad55ff492785523426f6cfd8cb9a3b6b0310e0fee01cdeb45d91eb66e788f1
b64c1c3f31b7e331c2aa373d81215a4c5af08963ba92831edaeed222787741a9
b68549dd75889483469cf1c37ac0f2d1673ae589e27d3f2f7d49403f5b63c13a
bbf57f1acecebda40c09c8e6cf73bff8e905d83dadcbc103d02232b0c653896a
bdae391e43d1e811915d3d0ca7115ed4291c50c56fb0e51780dcde0289288af1
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c7a8fdd4adac64c88b5e70b56fe9686f3f1291ea93fa034bc83adde6a1046f38
ca5b4f05d3e266bee3e647232915e54b0affc162feee50860a792b2702ca93db
ce1a31c75915ad2ad39574b9a17aaedb160f0ed3875b6b93ef6675dc369b0bd0
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d663bb27ffd436448054de71f95009215a6d04f26e21448caae57a0fbafd6ec5
e3628ca641a583256262ef33ac7669a5cf03c6847648ec2bff8c5f037107c9d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44ce869cece17cd45a5cdddc9b129c0429c084dcd86b5d74996f9533f59b447
e4ad3a7c4aa97b074c4d59a438bb5813ded8ad1d8bb8cf630abb4c6ee075d54e
e866ca8f8fcb939a0cfe32405e3d7b6df28954cef95e376062f5179a95bb3688
e8ffee5e732b3bf62e91bc3cc0dfc4b937fc5c1b43977f385dba49b1f149b4ef
ed95321ed31879430a7a78b91a1701b4f96985590f4e368e00739d11a744ec28
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f261a41711dff923718de67b10f4793b51f67929daf863e57fca52482959fa92
f353dc5c50b7072908b1a2b89e4d7c90121217a6162ee074abd7a66c7db00722
f5335839a41014bd7cb15f8e4037cd55f1d421301f3d54f6815b512e6cc11de1
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f890ba0ffd7012cb3248709ec502bc061109c5c669af09e0d2d4c786b192158e
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fc9c22ea802133881e2f1917663a3412d364f91ce4dd6de5d50540cb45b6ecf9
ffaf7355cae29a1df4cbab8cde94239a38c80eb7e764d451b45ba3ef47dc3436