urlscan.io logo urlscan.io
SecurityTrails logo

telegrafi.com Open in urlscan Pro
2606:4700:3035::6815:c5a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.telegrafi.com/
Effective URL: https://telegrafi.com/
Submission: On December 15 via manual from AL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 134 IPs in 21 countries across 132 domains to perform 527 HTTP transactions. The main IP is 2606:4700:3035::6815:c5a, located in United States and belongs to CLOUDFLARENET, US. The main domain is telegrafi.com. The Cisco Umbrella rank of the primary domain is 266042.
TLS certificate: Issued by E1 on November 13th 2022. Valid for: 3 months.
This is the only time telegrafi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
105 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
25 104.26.1.156 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
5 7 37.157.6.233 198622 (ADFORM)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.93.168.226 14061 (DIGITALOC...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 144.76.120.254 24940 (HETZNER-AS)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 13.224.195.78 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 146.0.227.108 29066 (VELIANET-...)
13 2a03:90c0:41:... 199524 (GCORE)
1 52.239.139.164 8075 (MICROSOFT...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a04:4e42:400... 54113 (FASTLY)
15 212.102.56.194 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a03:2880:f08... 32934 (FACEBOOK)
1 13.32.27.107 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
8 2a03:2880:f14... 32934 (FACEBOOK)
9 104.26.15.190 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 51.68.155.202 16276 (OVH)
2 31.28.167.114 15497 (COLOCALL ...)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2600:9000:21f... 16509 (AMAZON-02)
3 151.101.129.44 54113 (FASTLY)
4 188.40.115.112 24940 (HETZNER-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 37.157.2.248 198622 (ADFORM)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:203... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 46.105.202.39 16276 (OVH)
15 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:21f... 16509 (AMAZON-02)
1 52.58.14.43 16509 (AMAZON-02)
1 149.202.74.47 16276 (OVH)
1 99.86.3.236 16509 (AMAZON-02)
2 185.239.172.66 55081 (24SHELLS)
3 51.75.86.98 16276 (OVH)
1 7 185.172.90.252 49981 (WORLDSTREAM)
1 2 167.235.33.113 24940 (HETZNER-AS)
2 8.2.108.175 46636 (NATCOWEB)
2 2 54.38.197.123 16276 (OVH)
3 10 146.0.227.109 20773 (GODADDY)
2 209.191.163.210 14744 (INTERNAP-...)
11 11 18.158.138.18 16509 (AMAZON-02)
1 1 157.90.157.235 24940 (HETZNER-AS)
7 7 198.47.127.18 3257 (GTT-BACKB...)
17 18 142.250.185.162 15169 (GOOGLE)
2 6 185.64.190.80 62713 (AS-PUBMATIC)
2 2 217.65.2.150 29076 (CITYTELEC...)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 35.175.58.50 14618 (AMAZON-AES)
3 3 199.115.119.227 30633 (LEASEWEB-...)
3 3 188.42.196.115 7979 (SERVERS-COM)
2 2 35.210.53.219 19527 (GOOGLE-2)
4 193.200.65.6 6681 (GIVEME-CLOUD)
1 8.2.110.206 46636 (NATCOWEB)
3 4 54.217.130.182 16509 (AMAZON-02)
2 185.239.172.58 55081 (24SHELLS)
1 4 185.184.8.90 204995 (RTB-HOUSE...)
1 83.222.114.188 42632 (MNOGOBYTE...)
1 183.110.238.136 4766 (KIXS-AS-K...)
1 82.145.213.8 39832 (NO-OPERA)
2 104.18.33.19 13335 (CLOUDFLAR...)
4 4 18.156.0.31 16509 (AMAZON-02)
1 2 194.247.175.26 196831 (BEMOBILE-AS)
6 8 37.252.171.21 29990 (ASN-APPNEX)
2 104.22.39.196 13335 (CLOUDFLAR...)
5 14 52.73.105.161 14618 (AMAZON-AES)
6 185.172.90.249 49981 (WORLDSTREAM)
3 3 3.210.61.234 14618 (AMAZON-AES)
1 1 147.75.85.234 54825 (PACKET)
1 69.166.1.10 27630 (AS-XFERNET)
2 18.159.155.47 16509 (AMAZON-02)
2 2 184.24.9.113 16625 (AKAMAI-AS)
4 184.30.209.152 16625 (AKAMAI-AS)
2 4 172.64.154.237 13335 (CLOUDFLAR...)
2 205.234.175.175 23352 (SERVERCEN...)
22 2606:4700:10:... 13335 (CLOUDFLAR...)
1 185.46.149.20 44600 (GT-AS)
2 3 35.227.248.159 15169 (GOOGLE)
4 5 37.157.4.28 198622 (ADFORM)
6 3.33.220.150 16509 (AMAZON-02)
1 2607:ae80:128... 26558 (FREEWHEEL)
1 4 185.64.189.115 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 3 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.82 24961 (MYLOC-AS ...)
5 52.19.187.82 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 35.157.204.17 16509 (AMAZON-02)
1 34.98.67.61 396982 (GOOGLE-CL...)
2 54.170.181.43 16509 (AMAZON-02)
1 162.55.233.28 24940 (HETZNER-AS)
3 3 151.101.130.49 54113 (FASTLY)
1 1 88.221.168.207 16625 (AKAMAI-AS)
1 1 52.54.29.118 14618 (AMAZON-AES)
1 3 52.94.223.167 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
2 2 52.18.219.253 16509 (AMAZON-02)
4 69.173.144.139 26667 (RUBICONPR...)
3 3 35.214.223.115 15169 (GOOGLE)
2 17 62.149.1.122 15497 (COLOCALL ...)
3 23.35.236.201 16625 (AKAMAI-AS)
1 67.202.105.32 32748 (STEADFAST)
2 2 35.186.253.211 15169 (GOOGLE)
2 2 52.31.244.189 16509 (AMAZON-02)
4 4 213.19.147.45 26120 (RHYTHMONE)
2 11 185.80.39.216 27381 (CASALE-MEDIA)
1 2 52.46.143.56 16509 (AMAZON-02)
5 6 52.212.89.6 16509 (AMAZON-02)
3 3 18.193.52.247 16509 (AMAZON-02)
2 173.231.181.122 32475 (SINGLEHOP...)
1 8.2.111.13 46636 (NATCOWEB)
3 2a05:d018:d29... 16509 (AMAZON-02)
2 2 37.252.171.52 29990 (ASN-APPNEX)
4 4 103.229.205.242 30419 (MEDIAMATH...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
4 18.66.147.47 16509 (AMAZON-02)
2 76.223.111.18 16509 (AMAZON-02)
2 212.129.3.112 12876 (Online SAS)
12 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.183 1299 (TWELVE99 ...)
1 2 178.250.0.163 44788 (ASN-CRITE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.137.132 201081 (SMARTADSE...)
7 162.55.157.193 24940 (HETZNER-AS)
1 1 34.193.201.64 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 162.55.120.196 24940 (HETZNER-AS)
1 1 141.94.242.204 16276 (OVH)
1 1 141.94.171.212 16276 (OVH)
1 35.186.193.173 15169 (GOOGLE)
1 1 34.111.129.221 396982 (GOOGLE-CL...)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 18.196.15.33 16509 (AMAZON-02)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.243 21859 (ZEN-ECN)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 44.239.16.115 16509 (AMAZON-02)
1 162.19.138.118 16276 (OVH)
1 1 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
3 2600:9000:214... 16509 (AMAZON-02)
2 3.120.214.218 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 198.47.127.20 3257 (GTT-BACKB...)
1 13 18.193.28.75 16509 (AMAZON-02)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
2 2 141.94.171.215 16276 (OVH)
1 1 194.213.62.34 13036 (TMOBILE-)
2 2 3.124.13.195 16509 (AMAZON-02)
527 134
1    2606:4700:3031::ac43:c203 (United States)

ASN13335 (CLOUDFLARENET, US)
www.telegrafi.com
105    2606:4700:3035::6815:c5a (United States)

ASN13335 (CLOUDFLARENET, US)
telegrafi.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
25    104.26.1.156 (United States)

ASN13335 (CLOUDFLARENET, US)
video.gjirafa.com
central.gjirafa.com
bisko.gjirafa.com
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
cm.adform.net
track.adform.net
5    2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
nhwimp.izooto.com
1    142.93.168.226 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn.onthe.io
1    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
telegrafi-cdn.relevant-digital.com
2    144.76.120.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap15.adplayer.pro
serving.stat-rock.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
pahtuo.tech
3    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
10    146.0.227.108 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
ads.futureads.io
13    2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.futureads.io
cdn.admixer.net
1    52.239.139.164 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gjstatic.blob.core.windows.net
1    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
bisko.gjirafa.net
1    2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
15    212.102.56.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 768270621.fra.cdn77.com
ub1doy938d.gjirafa.net
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net
certify-js.alexametrics.com
4    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
tarantula.gjirafa.net
vid.vidoomy.com
8    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
9    104.26.15.190 (United States)

ASN13335 (CLOUDFLARENET, US)
bisko.gjirafa.tech
1    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    51.68.155.202 (France)

ASN16276 (OVH, FR)
PTR: ns3129903.ip-51-68-155.eu
analyticsvideo.gjirafa.com
2    31.28.167.114 (Ternopil, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 167-114.admixercdn-s2.cc.colocall.com
s1.v-player.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:3031::ac43:81b0 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
2    2600:9000:21f3:2e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
4    188.40.115.112 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.112.115.40.188.clients.your-server.de
tt.onthe.io
2    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
cms.quantserve.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:203c:2000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:9000:20eb:2a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    46.105.202.39 (France)

ASN16276 (OVH, FR)
u.heatmap.it
15    2606:4700:3030::ac43:c0ad (United States)

ASN13335 (CLOUDFLARENET, US)
telegra.fi
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2600:9000:21f3:2a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    52.58.14.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-14-43.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    149.202.74.47 (France)

ASN16276 (OVH, FR)
PTR: eu6.heatmap.it
eu6.heatmap.it
1    99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    185.239.172.66 (United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
3    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
7    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams03.e-planning.net
2    167.235.33.113 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.113.33.235.167.clients.your-server.de
exchange.buzzoola.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
10    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
11    18.158.138.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-138-18.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    157.90.157.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.157.90.157.clients.your-server.de
bidswitch-eu.splicky.com
7    198.47.127.18 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image8.pubmatic.com
18    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    35.175.58.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-58-50.compute-1.amazonaws.com
cs.yellowblue.io
3    199.115.119.227 (Cincinnati, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
3    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
4    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
1    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
4    54.217.130.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-130-182.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    185.239.172.58 (United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    83.222.114.188 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
rtb.com.ru
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
8    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    104.22.39.196 (None, )

ASN13335 (CLOUDFLARENET, US)
central.mall.tv
14    52.73.105.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-105-161.compute-1.amazonaws.com
a.audrte.com
6    185.172.90.249 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: s.e-planning.net
s.e-planning.net
3    3.210.61.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-61-234.compute-1.amazonaws.com
ssp.disqus.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    18.159.155.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-155-47.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    184.24.9.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-9-113.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    184.30.209.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-209-152.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
2    205.234.175.175 (Cantonment, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
22    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    185.46.149.20 (Kyiv, Ukraine)

ASN44600 (GT-AS, UA)
PTR: 185-46-149-20.net.gigatrans.ua
c1.futureads.io
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2607:ae80:128:1::49 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:d133:9dc2:a783:2cd2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
loada.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.118 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.82 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
5    52.19.187.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    35.157.204.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-204-17.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    54.170.181.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-181-43.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.233.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.233.55.162.clients.your-server.de
sync.richaudience.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    88.221.168.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    52.54.29.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-29-118.compute-1.amazonaws.com
usermatch.krxd.net
3    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    52.18.219.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-219-253.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
3    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
17    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
sync.console.adtarget.com.tr
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    67.202.105.32 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    52.31.244.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-244-189.eu-west-1.compute.amazonaws.com
ad.360yield.com
4    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
11    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    52.212.89.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-89-6.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    18.193.52.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-52-247.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    173.231.181.122 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
3    2a05:d018:d29:3601:1fd9:6969:7081:2e2b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
4    18.66.147.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-47.fra60.r.cloudfront.net
tags.crwdcntrl.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    212.129.3.112 (France)

ASN12876 (Online SAS, FR)
PTR: 212-129-3-112.rev.poneytelecom.eu
js.cookieless-data.com
12    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.183 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
7    162.55.157.193 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.193.157.55.162.clients.your-server.de
prebid.adtarget.com.tr
rtb.prebid.adtarget.com.tr
1    34.193.201.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-201-64.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    141.94.242.204 (France)

ASN16276 (OVH, FR)
PTR: bixel-10.cloudy.ovh
green.erne.co
1    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    18.196.15.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-15-33.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    44.239.16.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-16-115.us-west-2.compute.amazonaws.com
id.sharedid.org
1    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2600:9000:2142:ce00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    2606:4700::6811:3663 (United States)

ASN13335 (CLOUDFLARENET, US)
nh.iz.do
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
13    18.193.28.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    194.213.62.34 (Novy Jicin, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid3.ibillboard.com
bbnaut.ibillboard.com
2    3.124.13.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-13-195.eu-central-1.compute.amazonaws.com
tracking.m6r.eu
tracking-a.dsp.m6r.eu
Apex Domain
Subdomains		 Transfer
106 telegrafi.com
www.telegrafi.com
telegrafi.com — Cisco Umbrella Rank: 266042
3 MB
36 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 594
image2.pubmatic.com — Cisco Umbrella Rank: 852
image6.pubmatic.com — Cisco Umbrella Rank: 716
ads.pubmatic.com — Cisco Umbrella Rank: 481
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image4.pubmatic.com — Cisco Umbrella Rank: 824
simage4.pubmatic.com — Cisco Umbrella Rank: 1176
aud.pubmatic.com — Cisco Umbrella Rank: 4185
42 KB
27 gjirafa.com
video.gjirafa.com — Cisco Umbrella Rank: 595421
central.gjirafa.com — Cisco Umbrella Rank: 433872
analyticsvideo.gjirafa.com — Cisco Umbrella Rank: 628292
bisko.gjirafa.com — Cisco Umbrella Rank: 358632
532 KB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
185 KB
22 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2740
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
6 KB
19 futureads.io
ads.futureads.io — Cisco Umbrella Rank: 551203
scripts.futureads.io — Cisco Umbrella Rank: 511522
c1.futureads.io — Cisco Umbrella Rank: 998199
885 KB
17 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
ssum.casalemedia.com — Cisco Umbrella Rank: 1318
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
15 KB
17 gjirafa.net
bisko.gjirafa.net — Cisco Umbrella Rank: 296882
ub1doy938d.gjirafa.net — Cisco Umbrella Rank: 617835
tarantula.gjirafa.net — Cisco Umbrella Rank: 261817
21 MB
16 adscale.de
js.adscale.de — Cisco Umbrella Rank: 6136 Failed
ih.adscale.de — Cisco Umbrella Rank: 2752
16 KB
15 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4050
s.e-planning.net — Cisco Umbrella Rank: 6562
u-ams03.e-planning.net — Cisco Umbrella Rank: 68460
i.e-planning.net — Cisco Umbrella Rank: 6645
8 KB
15 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 8712
sync.adtelligent.com — Cisco Umbrella Rank: 4170
8 KB
15 telegra.fi
telegra.fi — Cisco Umbrella Rank: 567119
1 MB
15 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44190
inv-nets.admixer.net — Cisco Umbrella Rank: 2368
69 KB
14 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1899
10 KB
13 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 17458
prebid.adtarget.com.tr
rtb.prebid.adtarget.com.tr
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 19650
8 KB
13 adform.net
adx.adform.net — Cisco Umbrella Rank: 4215
s1.adform.net — Cisco Umbrella Rank: 7623
dmp.adform.net — Cisco Umbrella Rank: 4537
c1.adform.net — Cisco Umbrella Rank: 566
cm.adform.net — Cisco Umbrella Rank: 1390
track.adform.net — Cisco Umbrella Rank: 3419
31 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
3 KB
10 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 835
eus.rubiconproject.com — Cisco Umbrella Rank: 529
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
token.rubiconproject.com — Cisco Umbrella Rank: 563
23 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 414
8 KB
9 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 881
tags.crwdcntrl.net — Cisco Umbrella Rank: 1230
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
35 KB
9 gjirafa.tech
bisko.gjirafa.tech — Cisco Umbrella Rank: 236926
3 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
52 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
cms.analytics.yahoo.com — Cisco Umbrella Rank: 833
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
3 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
279 B
8 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
395 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
google-analytics.com — Cisco Umbrella Rank: 17
region1.google-analytics.com — Cisco Umbrella Rank: 2623
103 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
124 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
2 KB
5 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 904
sync.mathtag.com — Cisco Umbrella Rank: 434
3 KB
5 onthe.io
cdn.onthe.io — Cisco Umbrella Rank: 17338
tt.onthe.io — Cisco Umbrella Rank: 14200
23 KB
5 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 16761
nhwimp.izooto.com
81 KB
4 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 658
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
2 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
1 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 527
922 B
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 204
4 KB
4 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 118361
1 KB
4 quantcast.com
test.cmp.quantcast.com — Cisco Umbrella Rank: 10570
cmp.quantcast.com — Cisco Umbrella Rank: 2900
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12285
106 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976
www.google.com — Cisco Umbrella Rank: 2
44 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 405
349 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12965
pixel.onaudience.com — Cisco Umbrella Rank: 3040
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
2 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
702 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 559
usermatch.krxd.net — Cisco Umbrella Rank: 1329
943 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7467
loada.exelator.com — Cisco Umbrella Rank: 26432
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 409
931 B
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1235
1 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1736
2 KB
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 7019
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
3 heatmap.it
u.heatmap.it — Cisco Umbrella Rank: 31965
eu6.heatmap.it — Cisco Umbrella Rank: 198755
11 KB
3 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 937
trc.taboola.com — Cisco Umbrella Rank: 664
173 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
223 KB
2 m6r.eu
tracking.m6r.eu — Cisco Umbrella Rank: 8411
tracking-a.dsp.m6r.eu — Cisco Umbrella Rank: 16974
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3765
625 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
1 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 919
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
562 B
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 6378
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 335
279 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
565 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
656 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1546
533 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 15879
426 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1376
748 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 487
69 B
2 mall.tv
central.mall.tv — Cisco Umbrella Rank: 750027
68 B
2 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 193904
466 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4507
743 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3362
644 B
2 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 41040
549 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
554 B
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 9917
539 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4358
258 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 21408
543 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 939
cms.quantserve.com — Cisco Umbrella Rank: 639
11 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 793
3 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2837
45 KB
2 v-player.net
s1.v-player.net — Cisco Umbrella Rank: 858050
196 KB
2 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 20496
197 KB
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 9070
349 B
1 iz.do
nh.iz.do — Cisco Umbrella Rank: 114249
626 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 413
636 B
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 4378
221 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
465 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
104 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5650
322 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4752
369 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16075
367 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
277 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
615 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
792 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
510 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2127
419 B
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 1687
20 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2081
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6243
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 512
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1659
359 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 977
356 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
527 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 21165
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 110133
659 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11150
335 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 816
498 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 858
386 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1634
468 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 14837
904 B
1 com.ru
rtb.com.ru — Cisco Umbrella Rank: 45705
240 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 16909
510 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 5123
279 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 24704
221 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 868
641 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6041
501 B
1 aghtag.tech
aghtag.tech — Cisco Umbrella Rank: 37714
88 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
17 KB
1 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 12050
certify.alexametrics.com Failed
2 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2326
422 B
1 windows.net
gjstatic.blob.core.windows.net — Cisco Umbrella Rank: 408301
8 KB
1 pahtuo.tech
pahtuo.tech — Cisco Umbrella Rank: 284390
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
40 KB
1 relevant-digital.com
telegrafi-cdn.relevant-digital.com — Cisco Umbrella Rank: 630163
142 KB
527 132
Domain Requested by
105 telegrafi.com telegrafi.com
18 cm.g.doubleclick.net 17 redirects spl.zeotap.com
17 video.gjirafa.com telegrafi.com
video.gjirafa.com
16 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
s.adtelligent.com
15 telegra.fi telegrafi.com
15 ub1doy938d.gjirafa.net video.gjirafa.com
14 a.audrte.com 5 redirects ads.us.e-planning.net
a.audrte.com
s.adtelligent.com
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
13 sync.adtelligent.com 1 redirects s.adtelligent.com
ads.us.e-planning.net
ads.pubmatic.com
s.console.adtarget.com.tr
12 simage2.pubmatic.com ads.pubmatic.com
s.adtelligent.com
11 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
11 x.bidswitch.net 11 redirects
10 inv-nets.admixer.net 3 redirects ads.us.e-planning.net
10 ads.futureads.io telegrafi.com
www.googletagmanager.com
cdn.admixer.net
scripts.futureads.io
9 bisko.gjirafa.tech bisko.gjirafa.net
8 ib.adnxs.com 6 redirects spl.zeotap.com
8 www.facebook.com connect.facebook.net
video.gjirafa.com
8 connect.facebook.net video.gjirafa.com
connect.facebook.net
telegrafi.com
8 scripts.futureads.io telegrafi.com
scripts.futureads.io
7 image8.pubmatic.com 7 redirects rtb.prebid.adtarget.com.tr
6 prebid.adtarget.com.tr ads.pubmatic.com
rtb.prebid.adtarget.com.tr
s.console.adtarget.com.tr
js.adscale.de
6 match.prod.bidr.io 5 redirects ssum.casalemedia.com
6 match.adsrvr.org spl.zeotap.com
s.adtelligent.com
ssum.casalemedia.com
ads.pubmatic.com
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 s.e-planning.net ads.us.e-planning.net
6 image2.pubmatic.com 2 redirects ads.pubmatic.com
s.adtelligent.com
5 cdn.admixer.net scripts.futureads.io
ads.futureads.io
4 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
4 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
4 sync.mathtag.com 4 redirects
4 sync.1rx.io 4 redirects rtb.prebid.adtarget.com.tr
4 image6.pubmatic.com 1 redirects spl.zeotap.com
ads.pubmatic.com
4 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
4 ups.analytics.yahoo.com 4 redirects
4 creativecdn.com 1 redirects s.console.adtarget.com.tr
rtb.prebid.adtarget.com.tr
4 dpm.demdex.net 3 redirects
4 m.trafmag.com
4 bisko.gjirafa.com
4 tt.onthe.io cdn.onthe.io
4 www.google-analytics.com video.gjirafa.com
telegrafi.com
www.google-analytics.com
4 central.gjirafa.com video.gjirafa.com
central.gjirafa.com
4 securepubads.g.doubleclick.net telegrafi.com
securepubads.g.doubleclick.net
telegrafi-cdn.relevant-digital.com
4 cdn.izooto.com telegrafi.com
cdn.izooto.com
4 fonts.gstatic.com fonts.googleapis.com
3 js.adscale.de rtb.prebid.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 cm.adform.net 3 redirects
3 pr-bh.ybp.yahoo.com ssum.casalemedia.com
s.adtelligent.com
3 pm.w55c.net 3 redirects
3 ads.pubmatic.com s.adtelligent.com
3 csync.loopme.me 3 redirects
3 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
ads.pubmatic.com
3 sync-tm.everesttech.net 3 redirects
3 bcp.crwdcntrl.net spl.zeotap.com
tags.crwdcntrl.net
3 idsync.frontend.weborama.fr 2 redirects s.adtelligent.com
3 dmp.adform.net 2 redirects spl.zeotap.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 ssp.disqus.com 3 redirects
3 ads.betweendigital.com 3 redirects
3 sync.lemmatechnologies.com 3 redirects
3 ads.us.e-planning.net 1 redirects ads.futureads.io
s.adtelligent.com
3 onetag-sys.com ads.futureads.io
s.adtelligent.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 www.gstatic.com video.gjirafa.com
www.gstatic.com
3 www.googletagmanager.com telegrafi.com
www.googletagmanager.com
3 c.amazon-adsystem.com telegrafi.com
c.amazon-adsystem.com
3 adx.adform.net 1 redirects telegrafi.com
s1.adform.net
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects s.adtelligent.com
2 simage4.pubmatic.com ads.pubmatic.com
2 ps.eyeota.net s.adtelligent.com
2 token.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
2 um.simpli.fi 1 redirects s.adtelligent.com
2 sync.crwdcntrl.net ads.pubmatic.com
s.adtelligent.com
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 js.cookieless-data.com s.e-planning.net
2 eb2.3lift.com ads.us.e-planning.net
2 secure.adnxs.com 2 redirects
2 cm.adgrx.com ssum.casalemedia.com
ads.pubmatic.com
2 c1.adform.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 ad.360yield.com 2 redirects
2 rtb.openx.net 2 redirects
2 pixel.rubiconproject.com spl.zeotap.com
s.adtelligent.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 dsp.adfarm1.adition.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 i.e-planning.net ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 match.sharethrough.com ads.us.e-planning.net
2 central.mall.tv video.gjirafa.com
2 pa.tns-ua.com 1 redirects
2 ssum-sec.casalemedia.com ssum.casalemedia.com
2 s.console.adtarget.com.tr s.adtelligent.com
2 pool.admedo.com 2 redirects
2 an.yandex.ru 1 redirects
2 match.new-programmatic.com 2 redirects
2 ap.lijit.com s.adtelligent.com
2 a4p.adpartner.pro 2 redirects
2 us.ck-ie.com
2 exchange.buzzoola.com 1 redirects
2 s.adtelligent.com ads.futureads.io
s.adtelligent.com
2 cmp.quantcast.com quantcast.mgr.consensu.org
2 u.heatmap.it telegrafi.com
u.heatmap.it
2 unpkg.com 1 redirects
2 cdn.taboola.com telegrafi.com
cdn.taboola.com
2 quantcast.mgr.consensu.org telegrafi.com
quantcast.mgr.consensu.org
2 region1.google-analytics.com www.googletagmanager.com
2 s1.v-player.net telegrafi.com
s1.v-player.net
2 analyticsvideo.gjirafa.com video.gjirafa.com
2 imasdk.googleapis.com video.gjirafa.com
imasdk.googleapis.com
2 serving.stat-rock.com telegrafi.com
www.googletagmanager.com
2 fonts.googleapis.com telegrafi.com
video.gjirafa.com
1 nhwimp.izooto.com cdn.izooto.com
1 tracking-a.dsp.m6r.eu 1 redirects
1 tracking.m6r.eu 1 redirects
1 track.adform.net 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 aud.pubmatic.com s.adtelligent.com
1 nh.iz.do cdn.izooto.com
1 mug.criteo.com s.console.adtarget.com.tr
1 gum.criteo.com 1 redirects
1 id5-sync.com rtb.prebid.adtarget.com.tr
1 id.sharedid.org rtb.prebid.adtarget.com.tr
1 rtb.prebid.adtarget.com.tr s.console.adtarget.com.tr
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com s.adtelligent.com
1 pubmatic-match.dotomi.com s.adtelligent.com
1 image4.pubmatic.com s.adtelligent.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 cr.frontend.weborama.fr 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 cms.quantserve.com 1 redirects
1 s.company-target.com 1 redirects
1 cs.iqzone.com ads.us.e-planning.net
1 vid.vidoomy.com s.adtelligent.com
1 ic.tynt.com s.adtelligent.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 c1.futureads.io
1 sync.go.sonobi.com ads.us.e-planning.net
1 prebid.a-mo.net 1 redirects
1 t.adx.opera.com
1 idsync.admixer.co.kr
1 rtb.com.ru
1 cs.mobfox.com
1 cs.yellowblue.io
1 bidswitch-eu.splicky.com 1 redirects
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 eu6.heatmap.it
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 cdn.jsdelivr.net video.gjirafa.com
1 rules.quantcount.com secure.quantserve.com
1 www.google.de
1 www.google.com
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 stats.g.doubleclick.net www.google-analytics.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 s1.adform.net telegrafi.com
1 aghtag.tech pahtuo.tech
1 google-analytics.com video.gjirafa.com
1 s0.2mdn.net imasdk.googleapis.com
1 tarantula.gjirafa.net bisko.gjirafa.net
1 certify-js.alexametrics.com video.gjirafa.com
1 cdn.polyfill.io video.gjirafa.com
1 bisko.gjirafa.net video.gjirafa.com
1 gjstatic.blob.core.windows.net video.gjirafa.com
1 pahtuo.tech telegrafi.com
1 static.criteo.net telegrafi.com
1 telegrafi-cdn.relevant-digital.com telegrafi.com
1 cdn.onthe.io telegrafi.com
1 www.telegrafi.com 1 redirects
0 certify.alexametrics.com Failed video.gjirafa.com
527 199
Subject Issuer Validity Valid
*.telegrafi.com
E1		 2022-11-13 -
2023-02-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
gjirafa.com
Cloudflare Inc ECC CA-3		 2022-05-31 -
2023-05-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-13 -
2023-06-13		 a year crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-02 -
2023-07-02		 a year crt.sh
1269691753.rsc.cdn77.org
R3		 2022-10-17 -
2023-01-15		 3 months crt.sh
serving.stat-rock.com
R3		 2022-11-06 -
2023-02-04		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.futureads.io
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-09-01		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 02		 2022-10-27 -
2023-10-22		 a year crt.sh
1682884806.rsc.cdn77.org
R3		 2022-11-17 -
2023-02-15		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
*.gjirafa.net
GoGetSSL RSA DV CA		 2022-04-28 -
2023-05-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-23 -
2022-12-22		 3 months crt.sh
certify-js.alexametrics.com
Amazon		 2022-05-30 -
2023-06-27		 a year crt.sh
1312202179.rsc.cdn77.org
R3		 2022-11-07 -
2023-02-05		 3 months crt.sh
gjirafa.tech
Cloudflare Inc ECC CA-3		 2022-11-08 -
2023-11-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.gjirafa.com
GoGetSSL RSA DV CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.v-player.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-11 -
2023-02-22		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
cmp.quantcast.com
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.heatmap.it
Sectigo RSA Domain Validation Secure Server CA		 2022-06-12 -
2023-06-26		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-11-28 -
2023-02-26		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
ads.us.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
*.mobfox.com
R3		 2022-09-22 -
2022-12-21		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-11-24 -
2023-02-22		 3 months crt.sh
rtb.com.ru
R3		 2022-10-17 -
2023-01-15		 3 months crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.mall.tv
GoGetSSL RSA DV CA		 2021-12-07 -
2023-01-07		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-10-10 -
2023-01-08		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
dmp.theadex.com
R3		 2022-10-26 -
2023-01-24		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-11-25 -
2023-02-23		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
prebid.adtarget.com.tr
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
rtb.prebid.adtarget.com.tr
R3		 2022-11-14 -
2023-02-12		 3 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-11-23 -
2023-02-21		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
id.sharedid.org
Amazon		 2022-11-08 -
2023-12-07		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.adscale.de
Amazon		 2022-07-09 -
2023-08-07		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh

This page contains 73 frames:

Primary Page: https://telegrafi.com/
Frame ID: 2F9A6AA2029229E492D13D78D9DB8A34
Requests: 233 HTTP requests in this frame

Frame: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Frame ID: B21C4EFF0E6FCBB5646F790A244C26A2
Requests: 71 HTTP requests in this frame

Frame: https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671091200
Frame ID: 6CD26C5BB6EEB675B1110B5C8BAD606B
Requests: 9 HTTP requests in this frame

Frame: https://central.gjirafa.com/
Frame ID: 3F59FD7B68225CF46B6B550C988993A1
Requests: 2 HTTP requests in this frame

Frame: https://bisko.gjirafa.tech/portal
Frame ID: 261A62F917B62153C4B2B417107971DB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 168E661E1C43DD9FEBDCDFCD4453F4A0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 3AD40FBD4D1F96EA64C11A41035F7C7E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: BBB533519856E5A3C8BB2EAE903205FC
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 72AAFCF8BBA7AC0115D1C92D321F79FE
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 959E191507FF2EE7DF38A168ED1CE634
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: DB0F967CA0047634FFD4DB55D0BDC0A4
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 24D0DFC266EA5B49896DEB3A1FEFCD2B
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Frame ID: 3B974FB95468DFB5E83FCD1CBD812B72
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 6D91C2F07BAA4FBEAA2D33E42D7B69C6
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&cmp=0
Frame ID: 21558255813B583CEEE483A67C469F4C
Requests: 34 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=318a6ac9-e17b-4d63-a3c3-2f67944bf23b&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
Frame ID: 58DB6F079FBFC89FE4F38E77D9207AA6
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 810E4F101EC833F30F411B624DFAA171
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 5E65C49D5427DC0E299B564EA9DF5C54
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: D911FF570E217C4AD333132E8A903C7A
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 08E724DFD8090A76A0CF1BA6F9005A32
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: B896787735ED5272AA11BA6080335953
Requests: 14 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 2CB14683928C8E31C861277ADD5E304B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 84D9FD523477A0B10ACBD23736FF4509
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 7F93A1335FF63CEA3BB7F4A46EF0B73F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 85744430A0D3C0F0298B19EC9BBC3F6A
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Frame ID: 713F7623BFAD3A533AA47D2F5FF5B08B
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 6801CAB2E1A4A066F99FDB002CD73806
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361&cmp=0
Frame ID: B4D9C8B70F38A19EFF2A26FE61EADE97
Requests: 5 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: C52DB1B33E94CE89D2B53EF4689859C9
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: A5FEB4255DC9CF9618842E3C0E78E071
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AN69wlFJ0l1S9LCY
Frame ID: F216B7053B64F09828E6C92800C16C97
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 3228F89CDEF63BD5361F2812E38B207F
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 33E4FEDA208F2645B7CC98EBEB22D5C7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AN69wlFJ0l1S9LCY
Frame ID: 57D3CDECABEE95E95F43852CFB6D4F5E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f17639a-e319-4b00-bea5-3a5a540521a7&gdpr=0&gdpr_consent=
Frame ID: ABCDA3E22DE621D53B61FE899B15E8A2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6376616859132444119
Frame ID: A2DEF591F912C37EF8253EB458B9E68D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E9B527B1D9067242361ABAFCE2FAE139
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7F402834-9BEE-4BA4-A84C-B9594D193165&redir=true&gdpr=0&gdpr_consent=
Frame ID: 0F5378CA27B7CCA60B5DB37A43FD9035
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5437143918759245556&gdpr=0&gdpr_consent=
Frame ID: 615CBFFCADB7352A6219EB103126BB48
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo
Frame ID: BE79BC63C7BF1EBC3A546C7FDE45E1D9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177298652685596820&gdpr=0&gdpr_consent=
Frame ID: 6B9B5976C653025EAC2A0B71383D0AF3
Requests: 1 HTTP requests in this frame

Frame: https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
Frame ID: 5DF92AD019FF8DF1656F7996DC9357B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zEcU4nk_TMx-XTIFUBjgDtly2hQ
Frame ID: 8F99B73F47C5C99B3E683A362EC4C8E0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rjGQAEKU9NwQAp&gdpr=0&gdpr_consent=
Frame ID: 2CC62E09E2D32F8F958426DEF2801657
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 2FEEC5F1F17F79F0ACC82D1ED909CA0D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9C4618133E03EB162224E7E5CDDAE2F7
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F78D241734F474D0298492E01FB9467C
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2104953085
Frame ID: BC66CAD95B89EAE6141267ACA1C0BC7D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 53CC29EFA3F1F6214356BAF786F2B4AF
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 1A204A5992CC578D44A9C3FF2F5EA9DF
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=21029a4eb220e58c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXbaXRgWnhXXanVSj
Frame ID: 09237A31F1B0D7220531FC07F41EFD9D
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 6182E51B339C04D4ADCBC71372F65FFF
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=7F402834-9BEE-4BA4-A84C-B9594D193165
Frame ID: F50987EB4AD7C8CEF8D99B8AC1417CD1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.prebid.adtarget.com.tr/sync.html
Frame ID: 10BB085995ECD7630EA2201C335097C4
Requests: 6 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=6086994825254833814
Frame ID: BB2C8AC84D251A429738940B45358E10
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Frame ID: 8F3D2AF12CDA2633EE86ECB4AE05D6AE
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6086994825254833814
Frame ID: AB2AF7373E945793649B55E6D4FBA20A
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=admatic
Frame ID: 8FB9B3CF89DD41A9CD6BFF1BC3E24EE3
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&pu=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%23PMUID
Frame ID: 9B0E7194F8519F664F965112F9BD42CD
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmphb?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redir=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%5BRX_UUID%5D
Frame ID: D6CFE7B5488531AA87F3ECF7E4EDB137
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=adtarget&redir=1
Frame ID: E7944BAFDB6A9A8AEB14250CAE778966
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: 6B858594D73CD8C128A0EC6E89014AA1
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&pu=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%23PMUID
Frame ID: F2258FEB48547641791DCBA87DFA5222
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmphb?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redir=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%5BRX_UUID%5D
Frame ID: 57266B3CFA93F7782C63CD552CEBF027
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=adtarget&redir=1
Frame ID: 7B503C5BFD76AB305C3A2079E41B1B20
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: F328A6F0843AFC57B3AB1ABF0109BBCC
Requests: 1 HTTP requests in this frame

Frame: https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
Frame ID: 807B9284353949321597DBC1CB9D6722
Requests: 1 HTTP requests in this frame

Frame: https://prebid.adtarget.com.tr/setuid?bidder=unruly&gdpr=&gdpr_consent=&f=b&uid=OPTOUT&us_privacy=
Frame ID: 2FA32D7DDFF492F05FCEC458E43939CA
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=adtarget&redir=1
Frame ID: 951A891F1746329FEEFD9089494A5D46
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: BE8A8DB4BFC203721301C91B5A52C532
Requests: 5 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Frame ID: 0C6FEC33980CC2C736AEB6602F9E5AA5
Requests: 11 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A023190BF3FB4BC492F8481C00562A8C&gdpr=0&gdpr_consent=
Frame ID: F4EAFC0B6D8FAF85B5561DC1B4474FC9
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=7F402834-9BEE-4BA4-A84C-B9594D193165
Frame ID: 3FBCAF9079C0492E0C9D8DB909CCC168
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lajmet e fundit - Telegrafi

Page URL History Show full URLs

  1. http://www.telegrafi.com/ HTTP 301
    https://telegrafi.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

527
Requests

82 %
HTTPS

26 %
IPv6

132
Domains

199
Subdomains

134
IPs

21
Countries

29852 kB
Transfer

42808 kB
Size

172
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.telegrafi.com/ HTTP 301
    https://telegrafi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://adx.adform.net/adx/?mid=621729&rnd=native1 HTTP 302
  • https://adx.adform.net/adx/?CC=1&mid=621729&rnd=native1
Request Chain 167
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
Request Chain 235
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 236
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=9bf13ff6806e41b5b6c9a5d24ce946ba HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
Request Chain 238
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=03671d7b-c76f-45e5-984a-378b66f28e2a
Request Chain 240
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=9bf13ff6806e41b5b6c9a5d24ce946ba&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=9bf13ff6806e41b5b6c9a5d24ce946ba&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=865905ec-dccc-4e7e-a799-fdb4100d6922 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=865905ec-dccc-4e7e-a799-fdb4100d6922 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=&consent=&gdpr_pd=
Request Chain 241
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D9bf13ff6806e41b5b6c9a5d24ce946ba HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D9bf13ff6806e41b5b6c9a5d24ce946ba&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Y0MDI4MzQtOUJFRS00QkE0LUE4NEMtQjk1OTREMTkzMTY1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0
Request Chain 242
  • https://match.new-programmatic.com/userbind?src=admixer&id=9bf13ff6806e41b5b6c9a5d24ce946ba HTTP 302
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/ HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
Request Chain 243
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODY4NjE3NDQtOTlENC00Mzk2LUE5NkEtM0ZBN0NGMUYwQzgw&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODY4NjE3NDQtOTlENC00Mzk2LUE5NkEtM0ZBN0NGMUYwQzgw&gdpr=0&gdpr_consent={consent}&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent} HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=9bf13ff6806e41b5b6c9a5d24ce946ba
Request Chain 244
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D9bf13ff6806e41b5b6c9a5d24ce946ba HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=78c97ab0-7c57-11ed-8bc6-801844df0ab8 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlemma%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlemma%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=ff63c8ee-81a7-525d-adad-625cce378145&ssp=lemma&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=865905ec-dccc-4e7e-a799-fdb4100d6922 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=78c97ab0-7c57-11ed-8bc6-801844df0ab8 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=865905ec-dccc-4e7e-a799-fdb4100d6922 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=865905ec-dccc-4e7e-a799-fdb4100d6922 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=247fa1b9-406c-4acc-a8db-2e02257696c4&user_group=1&ssp=lemma&bsw_param=865905ec-dccc-4e7e-a799-fdb4100d6922 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=865905ec-dccc-4e7e-a799-fdb4100d6922 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=9bf13ff6806e41b5b6c9a5d24ce946ba78c97ab0-7c57-11ed-8bc6-801844df0ab8
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=OWJmMTNmZjY4MDZlNDFiNWI2YzlhNWQyNGNlOTQ2YmE=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=OWJmMTNmZjY4MDZlNDFiNWI2YzlhNWQyNGNlOTQ2YmE=&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEFMse_w7RPtaemG1-0Z-fwg&google_cver=1
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEAnJpz4ihenR143quvCfypI&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=aa37fa17d5b54818b28c078cfa2164e0
Request Chain 249
  • https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=9bf13ff6806e41b5b6c9a5d24ce946ba HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=9bf13ff6806e41b5b6c9a5d24ce946ba
Request Chain 251
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 256
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=ff63c8ee-81a7-525d-adad-625cce378145
Request Chain 258
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-oX8hn.ZE2uFcUHca7hd8SWPoYwyt_99f04MVizM-~A
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=OWJmMTNmZjY4MDZlNDFiNWI2YzlhNWQyNGNlOTQ2YmE=&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEDV8mZhJ4L6huFyN6QqDM6Q&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=b2011afcd891426d91d8cb1b5922e995
Request Chain 261
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9bf13ff6806e41b5b6c9a5d24ce946ba HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z23F6455B0744639ADA18D21ABC19D1D&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
Request Chain 268
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D762dc735e98a9081%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams03.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D762dc735e98a9081%2526uid%253D%2524UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=762dc735e98a9081&uid=5437143918759245556
Request Chain 269
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D762dc735e98a9081%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzYyZGM3MzVlOThhOTA4MSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIGEjgB%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzYyZGM3MzVlOThhOTA4MSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIGEjgB&buyeruid=71e57330-c245-4ca7-89a0-f3db83bb8136&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzYyZGM3MzVlOThhOTA4MSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIGEjgC
Request Chain 272
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 273
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Request Chain 285
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ed5c6ab2-9b09-4437-af51-2e5547bed36d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Request Chain 291
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ad90d04a-560c-48b8-9d12-20ea82e4961c&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 292
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=00902228-87bf-4289-6537-a3d3ccee921c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=00902228-87bf-4289-6537-a3d3ccee921c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=59855220362446940511907137209735770751&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Request Chain 294
  • https://bn01.er.bemail.it/zeotap.php?_bid=00902228-87bf-4289-6537-a3d3ccee921c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022121510-13470-0.130737001671095065-b2ae3972278309af24d6e7f169274cef&zdid=533&env=mWeb
Request Chain 295
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7177298652685596820&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Request Chain 297
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=00902228-87bf-4289-6537-a3d3ccee921c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=00902228-87bf-4289-6537-a3d3ccee921c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361&bounce=1&random=2041724268 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=ME5i6fFG3MMuQ3zHJJWRyO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Request Chain 300
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-035DF4pE2or1VmzkN_j6TquDZrBFLsK9vw--~A&zpartnerid=570&env=mWeb
Request Chain 301
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1ioCT5skeBUN0yoD09z7Ev2%2BS41iYitP1U%3D
Request Chain 305
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361&_test=Y5rjGQAEKU9NwQAp HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5rjGQAEKU9NwQAp&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&_test=Y5rjGQAEKU9NwQAp
Request Chain 306
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2f17639a-e319-4b00-bea5-3a5a540521a7&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Request Chain 307
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Request Chain 308
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00902228-87bf-4289-6537-a3d3ccee921c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00902228-87bf-4289-6537-a3d3ccee921c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&dcc=t
Request Chain 310
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Request Chain 312
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=00902228-87bf-4289-6537-a3d3ccee921c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=865905ec-dccc-4e7e-a799-fdb4100d6922&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Request Chain 320
  • https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=318a6ac9-e17b-4d63-a3c3-2f67944bf23b&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
Request Chain 328
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5437143918759245556
Request Chain 329
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5437143918759245556
Request Chain 330
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=73adf05a-8fe7-4390-909d-b114f160a265
Request Chain 331
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=00bfa135-716c-4be1-9b60-990dd91424bf
Request Chain 332
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1671095065156 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=356139875
Request Chain 333
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=03671d7b-c76f-45e5-984a-378b66f28e2a
Request Chain 335
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=b2011afcd891426d91d8cb1b5922e995
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELc71E40WKfQrF8_RERdjWY&google_cver=1
Request Chain 338
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5rjGLRqg4TjQCUNTyudDwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf9qKQQ2Imwy8KoglLHhYA&google_cver=1
Request Chain 339
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB&dcc=t
Request Chain 341
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bm1s1DLl1P5Kad5
Request Chain 342
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6086994825254833814&expiration=1672304665
Request Chain 351
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1af181a61147f149%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1af181a61147f149&uid=5437143918759245556
Request Chain 352
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D1af181a61147f149%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MWFmMTgxYTYxMTQ3ZjE0OSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIaDjgB
Request Chain 355
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 360
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3Dd0aa4531-791c-4f17-68c5-080b767878c6%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361
Request Chain 364
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5437143918759245556
Request Chain 365
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4b17639a-e31a-4900-87c7-761a3664b2c3
Request Chain 366
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB
Request Chain 367
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686819865&external_user_id=f9e95bfd-1e4c-4083-b4be-0b6e5c7fa727
Request Chain 368
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=539d1d91-6608-440d-8204-f0dc6030ca2b&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 369
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5rjGLRqg4TjQCUNTyudDwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf9qKQQ2Imwy8KoglLHhYA&google_cver=1
Request Chain 370
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bm1s1DLl1P5Kad5
Request Chain 385
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f17639a-e319-4b00-bea5-3a5a540521a7&gdpr=0&gdpr_consent=
Request Chain 386
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6376616859132444119
Request Chain 389
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5437143918759245556&gdpr=0&gdpr_consent=
Request Chain 390
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo
Request Chain 391
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177298652685596820&gdpr=0&gdpr_consent=
Request Chain 392
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcHJVN0hOY1lBQUNORzNJYVUxUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACprU7HNcYAACNG3IaU1Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACprU7HNcYAACNG3IaU1Q&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACprU7HNcYAACNG3IaU1Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1121704355552526551&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACprU7HNcYAACNG3IaU1Q&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
Request Chain 393
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zEcU4nk_TMx-XTIFUBjgDtly2hQ
Request Chain 394
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rjGQAEKU9NwQAp&gdpr=0&gdpr_consent=
Request Chain 395
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 396
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 398
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2104953085
Request Chain 401
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=21029a4eb220e58c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXbaXRgWnhXXanVSj
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f0AoNJvuS6SoTLlZTRkxZQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 407
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7F402834-9BEE-4BA4-A84C-B9594D193165
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECSkYPa81TPojKqDCMjJpBU&google_cver=1
Request Chain 410
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6086994825254833814
Request Chain 412
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_87336f5f-7bf8-4a38-a726-fa52216eb481&bsw_param=865905ec-dccc-4e7e-a799-fdb4100d6922&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 414
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7F402834-9BEE-4BA4-A84C-B9594D193165&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vv_dgpJE2uUj3V.T87E6sRRudwyX1FQ-~A&gdpr=0&gdpr_consent=
Request Chain 417
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3591486919638650168&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 418
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ea43cb5f-7609-4a33-a092-27fbd89faea6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 419
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5437143918759245556
Request Chain 422
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D737566%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=6086994825254833814
Request Chain 424
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6086994825254833814
Request Chain 426
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=e137f4f9e17d9e90
Request Chain 431
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frtb.prebid.adtarget.com.tr&domain=rtb.prebid.adtarget.com.tr&bundle=&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=AP7f73wrRHRwNDlWZyt3VTJ1QkN5STVHSDVnOXQ1V2N2blN0aHF2UEFVWnNBZmNSSUxPYUFneGdXQ3pXT0lLc3BSNHRibXJNbk0xcDJ2RnlQcUJqSldwUHdCVzRuaGZzbnAvTUZ2amxhQXNRdlhKSHZwZy9LU2FHQWNmTmxSQ2JSSHFjVFVTVlAwSXN5bG50cGplNElVTXVZN0MrYzZzSzBDZ0IzUFRkVU4zTUMzMHAwVmd4VGE5YzFhaW1sNzRRbVpsR1dzZXpQUCthMXh1MkphRndLZUl6bCsrSllEWHFGNGVSd0dOQUNETk9HUmF2c3VWa3NXRnpjeXhvRENPUHZCcGFtfA&cppv=2
Request Chain 440
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&pu=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%23PMUID HTTP 302
  • https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
Request Chain 441
  • https://sync.1rx.io/usersync2/rmphb?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redir=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://prebid.adtarget.com.tr/setuid?bidder=unruly&gdpr=&gdpr_consent=&f=b&uid=OPTOUT&us_privacy=
Request Chain 444
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 303
  • https://prebid.adtarget.com.tr/setuid?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=6086994825254833814
Request Chain 445
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.adtarget.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=865905ec-dccc-4e7e-a799-fdb4100d6922
Request Chain 490
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6086994825254833814 HTTP 302
  • https://a.audrte.com/p
Request Chain 491
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent=&google_gid=CAESEKunyg1NxGz_XSSoIYeePgY&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 498
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent=&google_gid=CAESEKunyg1NxGz_XSSoIYeePgY&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 499
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6086994825254833814 HTTP 302
  • https://a.audrte.com/p
Request Chain 504
  • https://ih.adscale.de/uu?cbfn=receive&t=1671095067 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1671095067&nut&uu=0f1aa06eb2ac45e9b674e4a46b5a902f
Request Chain 511
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A023190BF3FB4BC492F8481C00562A8C&gdpr=0&gdpr_consent=
Request Chain 513
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7F402834-9BEE-4BA4-A84C-B9594D193165 HTTP 302
  • https://a.audrte.com/p
Request Chain 514
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7F402834-9BEE-4BA4-A84C-B9594D193165&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7F402834-9BEE-4BA4-A84C-B9594D193165&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 515
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7F402834-9BEE-4BA4-A84C-B9594D193165&addseg=19,36,42
Request Chain 516
  • https://pixel.onaudience.com/?partner=214&mapped=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=895c55aa4d3dc4fce8984ef1ab6900cf&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 517
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=0f1aa06eb2ac45e9b674e4a46b5a902f&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?tpid=101&tpuid=BBID-01-03458090687280972-16788348
Request Chain 518
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=c9102cea5479312962af168159b69c94fe77faa2de1ca21931fdfbadbecad99d&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Y5rjGLRqg4TjQCUNTyudDwAA%261148
Request Chain 519
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=78af7ee7d6f358694d9a4790361ce9edb2b7fe035a8f3689fe63b7e4efca3442&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=4b17639a-e31a-4900-87c7-761a3664b2c3&gdpr=0&gdpr_consent=
Request Chain 520
  • https://track.adform.net/serving/cookie/match/?party=9&uid=01eb2851921a43675404bf218a76dae733e658dbd03e865aa049d05b176251fd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?tpid=42&gdpr=0&tpuid=6086994825254833814
Request Chain 521
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=a20f6e1d932493bcf69c1f566e0a12b103ed2f834468805b7ed4176878c56151&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=87302320-08a9-4f98-905f-6de411b0f66e&gdpr=0
Request Chain 522
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=7ca605a7bbba8629eb53a90c1a1373dcc3da647e0c538ec0febfaca41778214d&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=4b17639a-e31a-4900-87c7-761a3664b2c3&gdpr=0&gdpr_consent=
Request Chain 523
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=45a2973d2439e12a48c788416e968cff602ad637c77affaf10126fcd7c34ec3a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?uid=45a2973d2439e12a48c788416e968cff602ad637c77affaf10126fcd7c34ec3a&tpid=38&gdpr=0&tpuid=CAESEKE8PNcHpsjyKqDRu0vv8m8&google_cver=1
Request Chain 524
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=2c2788a96d1de0a39edf1aa537c093498870c378d75691f5b5ee45cb64688938&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=2c2788a96d1de0a39edf1aa537c093498870c378d75691f5b5ee45cb64688938&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/js?tpid=48&tpuid=1a41594e7d0e19d064cc564c466b2bba

527 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
telegrafi.com/
Redirect Chain
  • http://www.telegrafi.com/
  • https://telegrafi.com/
251 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00319564ca166d01b77f3be22cef21a96c3bc39187ec3931d39ac51dc826c001

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
779e02ea5f2cbb83-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 09:04:22 GMT
link
<https://telegrafi.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sG4grjp7kcmB3qBrKYAaJcxiOk2e99ioYX9ZkwggMwcHcT9snXr0CXIplukeNzLPWaXmNxhjVnrglEdg61%2Fes4hC%2Fj3GWRVcgC3vmEwrY89C3yRQ%2Bv%2BwmUgsK5yK5Ufhez5k0o3gtL%2FBQZrQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Origin
x-elasticpress-query
true

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
779e02e99eeb161f-DUS
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 09:04:22 GMT
Location
https://telegrafi.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJmLO2HhtPQrKTfXAuVnBxo6HSj%2B9MXmHzd0nI5d8wqEHz0qBQwSYysaSIEZws31fUSXYxgePlPf3erdMschgz%2FaXIrPxxlf2aDPdDi%2F%2B2CBRXABOTN0HtovtmRDym4zfKVuc%2Fk5GAfuAcNvjRFHbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Origin
X-Redirect-By
WordPress
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a273072d4326cf4fff7510301462667c0c97a389b2428ca9f96a88316bec31f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 08:53:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 09:04:22 GMT
dashicons.min.css
telegrafi.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/css/dashicons.min.css?ver=5.8
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8643208
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 27 Apr 2021 11:34:25 GMT
server
cloudflare
etag
W/"6087f6c1-e688"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnxDv%2FYmN5ttOzIwZqpRghDxP%2Bvwt6fhno4Wn1hCNs3d%2FMxqrM1biPOaqnJI3C%2BXgWyHdM68akFufmOCWzWkP%2FkR6933GB5pCTatnB6MgCUc6WJayrMxA3fVOSVk5nvWV%2BkMUSYCsjtIWmwV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02ead85fbb83-FRA
expires
Wed, 06 Sep 2023 08:09:30 GMT
lightgallery.css
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/light-gallery/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/light-gallery/lightgallery.css?ver=0.0.11
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3239aff1459e1ec3d35e67598c38142d3ca0dc0d77570da00ee9d9c8a8c5b4a9
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647997
cf-polished
origSize=16617
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
cf-bgj
minify
last-modified
Mon, 29 Aug 2022 23:07:06 GMT
server
cloudflare
etag
W/"630d469a-40e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E3Kyn%2BZ7pW3wyAqockQS%2FK1DUilUkNdTzb5H6eotoy8hGDrymYbXvz5VsIv1P%2Bwtou7WR9XjJQXzBRMQFOvk4NwWY5kGkpqHLlGLuEywVrnm1xqbk6a6psWjp8TNWdXBGN%2BCbC1nRe8OQeR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02ead862bb83-FRA
expires
Wed, 06 Sep 2023 06:50:58 GMT
lg-thumbnail.css
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/light-gallery/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/light-gallery/lg-thumbnail.css?ver=0.0.11
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b76159580f48547621ce2c79c1f8e2ed7e4068cfa53e6b70ae5a1ddad7ee2a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647997
cf-polished
origSize=2182
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
cf-bgj
minify
last-modified
Mon, 29 Aug 2022 23:07:06 GMT
server
cloudflare
etag
W/"630d469a-886"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL0YfDO54z6i2IAHKe%2BGrfrzZSUAKmrEDh5fMJcPB0wsDwGvgxMAosdEMHjGmJQmE%2BSEvM2QL%2F%2BxLhpyfAB6f3c0fPmAZDchq%2B8Ui3JLKFQue54cR%2F7I%2BZN78v41EayHxwnLXLs1f8pMjj1h"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02ead867bb83-FRA
expires
Wed, 06 Sep 2023 06:15:58 GMT
bootstrap.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/bootstrap.min.css
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9fe71e05e63690230d5fc96364a60e2ca70c51d1c957dfc44a9bb66c877f23
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647994
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-5b8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J08d%2F5Ws%2FfLn7X8UO1EV6iS8whHCQkqBzlLSzqL4frPJnbAOAy5tEAooO%2BfXKhbe%2Bb0hqHSzIJXquxTD9A%2FdQS6rsxlod9oX646ScSe%2Bwk2bpqerjXPueO%2B7tJSb0inKstSqD6VO17kHN56p"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02ead869bb83-FRA
expires
Wed, 06 Sep 2023 06:50:58 GMT
styles.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		126 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/styles.min.css?ver=0.5.09
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff7803b6ccecf2f80204a2c75bf7b43bd18b8f5a2d828732b7422898583dd54c
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1706311
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 25 Nov 2022 15:05:35 GMT
server
cloudflare
etag
W/"6380d9bf-1f97f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHFzogPGe2k1vrI2pmgo6aduNtlfVUrrKMz3pn0kjo30%2BN2rt7Rbh%2FQcTKDFTnMjTnTT7UPMWgv0tBw%2BQ8tCr4bZpiHaGD9nI90b1i8x3OxtnFCKYeHNhAxMZTTBWVqduUZIRJ7puBws9xNG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02ead86cbb83-FRA
expires
Sat, 25 Nov 2023 15:05:41 GMT
swiper.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/swiper.min.css?ver=1.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c6b74aab138b30b1e7e29cc1377c646142dd133db41771266f8c6466e380f3
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647997
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 11 Jun 2021 12:58:31 GMT
server
cloudflare
etag
W/"60c35df7-455e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHshUr8pxkMLSR2B1ntFXsLUdgk8nxBzCEQ1krk9e5RsuiTQk642gybzlZjWMGR%2B9USZ5TbcOXb1Ah%2FHNaweI62SyBpcBRvsK8mB7i8QSWUuQIUXiagYIpCDhQhuiXCQfWSe3AkIoZFGIR%2BQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02ead86ebb83-FRA
expires
Wed, 06 Sep 2023 06:39:45 GMT
style.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		83 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/style.min.css?ver=2.4.27
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ab87dead82405e7357f7c03ced2b4d5d3cb991e3fc59587c22486519ad1483
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647962
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 17 Jan 2022 11:55:53 GMT
server
cloudflare
etag
W/"61e55949-14b6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgElUuVm6Y%2FmwvAcUDwYbSeNS019aqZRY%2B9XTC4j%2BunpU%2F3cVBJiOpGRAs2HtTGJlyXv%2B8Vbk6NNWQkyq%2F55hwOQb80IA%2BAL%2Fescig65cMce%2BnPOGJ1LZyYS3rsZYPO5OFqXIgpCoVzlRNZI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02ead871bb83-FRA
expires
Wed, 06 Sep 2023 06:50:59 GMT
nadballina.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/nadballina.min.css?ver=0.13
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759a7832652307a3887378304f8ef16b8a9390e48172cbcfba5b2e7a23923778
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647994
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 04 Aug 2020 09:50:08 GMT
server
cloudflare
etag
W/"5f292f50-960"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUYXuBv5ffyxqJyzh3XKX5eQs2cgIXG9gPpe1VaiVuTjIIgNKfFQcd1JMCcnsfdC9klYhHApy9rsClM%2BBmhDfdWC2frnF%2Ffq2%2BQirjchy0bGbZuNp8g%2FQkReN%2BIZjKcFiWT4ZznL3orV3E%2FL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02ead873bb83-FRA
expires
Wed, 06 Sep 2023 06:50:58 GMT
telegrafi_logo.svg
telegrafi.com/wp-content/uploads/2017/02/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/02/telegrafi_logo.svg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d93d95a887c7049a48767ba91fb4d54802b9eb632fed06116967e5fa116fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647999
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Sun, 12 Feb 2017 14:51:21 GMT
server
cloudflare
etag
W/"58a07669-283a"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkAdnWFVj9nK7wbCzowo2%2BjZcSv%2F4aECSsDN6MYSjbjjfepaCyqzu2vo7mCS%2B3zpJeyCAjJ1EdyinpaZDU9VQyE%2BxpdXnYfNbv966u8egGmi%2FkcZ6zhHEIJ72g7oFjfW5sILQBOIfJUeeH%2Bj"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
779e02eae89ebb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:50:58 GMT
app-store.png
telegrafi.com/wp-content/uploads/2019/08/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/08/app-store.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c261e30a476d56f895b5a24412062f8d8a69ecf4b296d2428f4621901c4d42cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4814
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Sun, 04 Aug 2019 11:30:54 GMT
server
cloudflare
etag
"5d46c1ee-12ce"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jF7hDXkPQD3xRI0JmBf2gXPGchl1C9Td7apd9ipT5Frfbdm8TyFiYESRpN%2BN9AXHh%2FajHY9tLjUScnkWcK0MuAjfmDTTq2N3hWApwAu14IiAass1yGCITBVgsjXGkRrlq0Oop8wIshTCiehO"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eae8a0bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:50:58 GMT
google-play.png
telegrafi.com/wp-content/uploads/2019/08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/08/google-play.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a21de8e50cb5fec4d27925459bcefa46d0dfd9be177eaaa765fa1ec9c9c649

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4431
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Sun, 04 Aug 2019 11:30:54 GMT
server
cloudflare
etag
"5d46c1ee-114f"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8vuvvRU0CZuFcBTViCV29mpjXaJTORZeYJ68WFDiTD26umKVBYHDXtRfQhQPoWrAAupG%2FaIjEPZtPA8JOumMQQaWKC1dkzVCrSc1d40RfjHVi0jvAVi9tJgNFXffd%2BERkxlAyWFRS4Vp2l%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eae8a6bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:50:58 GMT
319393923_683048753443658_4621929254209353364_n-780x439.png
telegrafi.com/wp-content/uploads/2022/12/ 		679 KB
680 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/319393923_683048753443658_4621929254209353364_n-780x439.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b94aa5f47663caed03a5caa2f1fb9d3654e65a2c679e8dcb00733515507ace05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2022
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
694868
pragma
public
last-modified
Wed, 14 Dec 2022 13:51:37 GMT
server
cloudflare
etag
"6399d4e9-a9a54"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvRpIdzjUh9BX14WTfJjNCeloeYj3nheGiIM66kVdUJKur0M9APNG952OD3r9i%2FGFmaA6BUJ%2BhNUa5Fo0VAqwXOzPl%2FDy5NcFcsIBrPjR2Ck50rWakauDKUSafgmLmnx0TtcTdSRHkIIZ%2BaT"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eae8a9bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 15 Dec 2023 08:16:39 GMT
share.png
telegrafi.com/wp-content/themes/telegrafi/img/ 		514 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/img/share.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f860f91d82b7d6a8a76685b085a8a91bc6ee5d79f17ff35eb44d94b04f2683

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=1706, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
514
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Tue, 13 Aug 2019 13:39:01 GMT
server
cloudflare
etag
"5d52bd75-6aa"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2B%2F29MNw4H4OUGcMB3MI8V48LIYQk%2FytfYf582dFNGiSx6Py77mFRJ229gEQHa5bG2VzlS5MahwKHS0452lNSLF70%2BnKhvtoakMrqaxqvg72NMyg39bvWGF9sIkKe%2FpxuXeEitxrCu8M83yE"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eae8adbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:50:59 GMT
gjirafagg-south-europe-play-in-1
video.gjirafa.com/embed/ Frame B21C 		53 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1333644dfea36fd07de552c72d6e7f4a2c37f8bffb0f810f1d88bb58b137996d
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
779e02eb5c9391ef-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJ1dljewUx929DpgeUwkV9HbyD1r3UQYFJ8v45ONXUbmLHZxPW3f%2BQXNGRkb8bt%2B7EXmvRHfl2ACWt%2FfNYZ7CD3VQjutB6fj5V3QHkCm1tIRzkY%2FQTezV%2F9Xuy9MekBYY79T"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-frame-options
AllowAll
x-html-minification-powered-by
WebMarkupMin
x-powered-by
ASP.NET
Opinion-150x150.jpg
telegrafi.com/wp-content/uploads/2019/01/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/01/Opinion-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d932503147c8bbb97b24664f800cab971a1e40448bdd0375f0f3ffd951073e61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164671
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6296
pragma
public
cf-bgj
h2pri
last-modified
Sat, 12 Jan 2019 17:59:14 GMT
server
cloudflare
etag
"5c3a2af2-1898"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxMT%2F0HLxZprC66HW%2BfSBCiWpqpN1wAF8UbDg3OsfHxS4T1XYSWXYKHoYc8hnHG%2BBm%2BPLfeF9udvVDz%2FYGu3hCUvQD6E7tDWQHSsdhk139ngawqkXe8l4rbbRqCWWcnoGu3wxwSozIZEgncJ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08e6bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 13 Dec 2023 11:19:49 GMT
ukrus-150x150.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/ukrus-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133b6909bca752eb87a233c424ac6af01417d79c56344576aae633cdfa8a1c54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
151428
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6911
pragma
public
cf-bgj
h2pri
last-modified
Tue, 13 Dec 2022 14:59:00 GMT
server
cloudflare
etag
"63989334-1aff"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk7T4S4w9PwWOkbzN6Ac%2FGtx2gohOLKbB1WZO2%2F6UOWUEpfDQDmOan0gWW1JTlgYJl3go%2FRzdesZk5XcJReelvm83yFxCxWxhsiFHW%2FN0IABelAebmVmo0q9Mxracsk2oByS%2Fw%2FkhjGoCSsk"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08e9bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 13 Dec 2023 14:59:01 GMT
Simon-Tisdall-150x150.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Simon-Tisdall-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec02b7662af7adc66171a6fc065fc531ffd6b2ffe4cddf498941c14788f34e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329740
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4118
pragma
public
cf-bgj
h2pri
last-modified
Sun, 11 Dec 2022 13:27:32 GMT
server
cloudflare
etag
"6395dac4-1016"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Bcfq%2Bc%2B1lEVvBHA5d2bxcQzzSna73bWleIMh2aepmQLoipoxKUPGeAbLFtD0FyQTmSgc9jiVB5cDETSAizhWIo7W5wnfEnoLvVuCHs6mLUxJkYa%2FmkMHc3PoFK6MEAeaie5JvBeVr9IUPbo"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08ebbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 11 Dec 2023 13:27:33 GMT
Kay-Alexander-Scholz-1-150x150.jpg
telegrafi.com/wp-content/uploads/2016/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2016/07/Kay-Alexander-Scholz-1-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a33acf80f123698f1461ecdf8ea4b11fa93d2c717dc29a55d1b67fa01071ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
332580
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4986
pragma
public
cf-bgj
h2pri
last-modified
Wed, 27 Jul 2016 14:31:20 GMT
server
cloudflare
etag
"5798c5b8-137a"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkapL6QT4SyP9neJzdMQBxzQ%2F8QTgm%2FRXmtXxHxry2taWuDaLdgZVF8rRGqXuxtAjEKIv6n7DlralpRq%2FTKyHpL7gtzw3Sqfy8Ob6uKx9v2AaSOJjLQT7bFlMcfbDyd%2FF%2BSB8KFNuXz2A8rr"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08eebb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 11 Dec 2023 12:40:03 GMT
fatmir-bardhoci-150x150.jpg
telegrafi.com/wp-content/uploads/2022/10/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/10/fatmir-bardhoci-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7709c3853e517c95706c7eab94e98e78407cfa90501c0d7b264e155a5f43d1e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4634950
cf-polished
origSize=9325, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8636
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Sat, 22 Oct 2022 17:08:46 GMT
server
cloudflare
etag
"6354239e-246d"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbfeEgZirMIrU2W6sCz19d8ZPzW4LRAjyDE3pBF0FQE%2F7j%2FhVH3gMtwxr0QGdHlKoB9qDhBnX0l%2BUO4msSbLyZfrjDO4ue%2F%2BNtYpH2uj2n9%2BV3vWHPjNjAiYpcebjREansV9IqQP1xcTORSi"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08f0bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 22 Oct 2023 17:35:12 GMT
Butrint-1-150x150.png
telegrafi.com/wp-content/uploads/2022/08/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/08/Butrint-1-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0d95254b1b62be82df2c80fb4c1bfd84d029afc773ebbef9ca6666818d3a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=38539, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34017
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Tue, 23 Aug 2022 07:24:55 GMT
server
cloudflare
etag
"630480c7-968b"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXRW99K%2F0C6Tx9880fJaqRM9%2FQMS9%2BgzrnymGLOFy21HGEO04OiQb62EuKOxv4EbzYlVcqBd3%2F9thk0Fgre0nI35Mb8vnZzTImvgQs7cDyxqsBLI4XkUUmMldIRji8MX0c5SB72HBm692Irv"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08f1bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:51:01 GMT
Gent-M-150x150.jpg
telegrafi.com/wp-content/uploads/2022/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/08/Gent-M-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2416aaef36a5b09c0c89f4d37095b32d71acc872427539ac21393fe667aa2801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=4406, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3905
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Fri, 12 Aug 2022 22:48:18 GMT
server
cloudflare
etag
"62f6d8b2-1136"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1eE3tpaUHdk7tI7nRaCTIpskZnMaU8BntLaFsWyrlQ%2FL6ibZJGdDD7jOKJTLZ%2Fnr%2FweVNBDk2RQIpCYLk2KHheg4i8HSkqWCXEoX7bzq9uAc%2FNuXQd9kVkvd2doJtbSY13h6RlSgig%2ByxCn"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08f2bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:51:01 GMT
289820713_773567444008303_9127483626069540854_n-150x150.png
telegrafi.com/wp-content/uploads/2022/06/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/06/289820713_773567444008303_9127483626069540854_n-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58272341feec055ab30f3cb03d1d29d46ca5927ff64fd0c3b3ea5360db92ca2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=45146, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39664
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Sat, 25 Jun 2022 19:47:06 GMT
server
cloudflare
etag
"62b7663a-b05a"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1qXgCrHTspID7%2BuZeZKmzV01JKo0%2B3mvGYAq8yw2ulnvRrkRAjmMGqSuXu96rN1e4v1PGeYD2Bq4xHZ1WuuGs4cusQXCMfnz9Pk%2BjygJasRZkh0hs3xV8hLx9IOOjOmEQw0XlNW9x736sCK"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08f4bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:27:26 GMT
278942577_1126616738185455_4685092438968270514_n-150x150.png
telegrafi.com/wp-content/uploads/2022/04/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/04/278942577_1126616738185455_4685092438968270514_n-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c92ba7f703e5ed41a68b43098d5a8d3040f65f6020e5cb6358a15512ce184e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=44492, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38945
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Wed, 27 Apr 2022 09:05:02 GMT
server
cloudflare
etag
"6269073e-adcc"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLOrbZ3Qz8gSt3O9kx9F4vBZxOcVNlFFTjr%2BdqjIO8Ji04ZhgijAETwh2PYQO77qUnd9sb9OablVzYSZ6jJ%2BQTPzDHugFmpXG8ljceYfBgrCmeihzjmIcoOQUATAoFGoLvJQGJKDHowfm6vw"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb08f7bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:44:13 GMT
1671020174-Mini-Centrales002-750x507-1-e1671056762720-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/1671020174-Mini-Centrales002-750x507-1-e1671056762720-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4973aec3023885bfe75e82f46abea70f6de102ae97ba4d247a6093d4622cbbea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37758
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19398
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 22:26:02 GMT
server
cloudflare
etag
"639a4d7a-4bc6"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdWn7aeJb%2FctvpwQLZ7ID0qpZT5%2BDdTS%2FoTOkP4tg5fEedcMe2YxdGlIjprwYDdICywYGq6GB%2FdJFQonzp5yvzBoz8%2Frlq0yMnV%2BrzHHIH%2BENBQbUe6Z3z8elFPFVd%2F6V3oy8P8hN9xFBPro"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb18f8bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 22:35:04 GMT
Screenshot_13-3-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_13-3-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7059f0fd833e5252de2900f68b57dbebac6dbc8b0b12ed96c0742d6d7280f755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41337
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10734
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 21:01:57 GMT
server
cloudflare
etag
"639a39c5-29ee"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PF%2BsbpTccaydr4AysH9%2B%2Fzdp5PlOeAuTLTjyyen%2F6kmikRe0TYQpJeb%2BIgQs2QE%2FzlsT5FNc0AWgjKTa%2FlVRDx%2BAOE5YenFkhapw1KGHAxK8wAwMH62suVU9L%2BPrlKlQ%2BoiIz5sqyZI7uuld"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb18fcbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 21:35:25 GMT
630_360_1464937891-3693-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/630_360_1464937891-3693-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2808a53372b058aa0548df5c51facdfec5edb31f59c5f7f99de047599818a740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47771
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16897
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 18:53:07 GMT
server
cloudflare
etag
"639a1b93-4201"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbwfSt8d1o7N7%2Fs1R6vbc5W2ETqRIh7JnMxXNk0lPuAVdHQtT9eUIpKRRJt71xGhObgRjaStwiBP08cTo8NalJENFthXILLQd%2FkpHBfGGueWY%2By6TV%2B%2B9%2FkEQEWDAiGnsGrYU4sEQ56tzxAM"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb18ffbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 19:47:28 GMT
1-90-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/1-90-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f91578473245302a6404b79b612e354ddbe2bf9b7ac7c7543c2d3a33aef00b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71834
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9287
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 13:06:41 GMT
server
cloudflare
etag
"6399ca61-2447"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ODKnKpplqbfFRVswC9jHWU4rVFL855%2BEW%2FsD2owBezMvvUYZzv8y92AmGpVKwUqfqWCpkelCQr4hNcwyrWe0p3jRSZE4%2FXh7teOb5Wdtqn%2BeQ%2FBaFn%2FTkLjAEmGwOPLr3wIkoGZQEhl9sBN"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1901bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 13:07:08 GMT
cats-5-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/cats-5-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0054825a53f1f808922c57dacc72134eacdbdeeddd4359edeb816b06c50f4ccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72652
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18548
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 12:34:15 GMT
server
cloudflare
etag
"6399c2c7-4874"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEI5W%2BDdAkmkzbHQRKIqYviAFWXgCmmvpPiPT1b8HSSlbwDQvQPGX%2BVQrPxXH6sWswgks02ewmTqPqpNouH7aHVlXMP9CB88dEcWeEHDFlDndTepVvMX%2BL%2FU7LRzcvcX%2FZgXIS%2BOzkcW5M3b"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1902bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 12:53:27 GMT
Screenshot_2-59-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_2-59-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38088d4f98790a4d872f663aa8766efc59e31936fec180e3a66c316fec43a55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74213
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25096
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 12:27:14 GMT
server
cloudflare
etag
"6399c122-6208"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iT3dYR3pLACo%2BxA2PbujDMTKkqzYdQCGY4U4flt82fi7tN7%2Ff5fMBGajtRNB80vB0Tishb5%2FB2jXt0Z%2FRYCGjB9r%2FyS1OIXUoa5ukU6j9qkmI0j%2B7u8y8xryqkYALFEJZ9Vi2BnAbd5%2FYV5m"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1904bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 12:27:25 GMT
prita-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/prita-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e02fcd53d8e962713d58cee2026d550350924ffabe7ef36e91aa06711a6f807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82768
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19967
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 10:04:26 GMT
server
cloudflare
etag
"63999faa-4dff"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDIpbxx9oCU8zDUcQ%2BIx3ZWBGNbsn7XFXK9%2BnY76yOech%2B0pwuJjoyRRHlrf8gkW4Hqf3Rh8CbW4D%2B4b7zfdyGA62M2iezMtGkWRiSOdBpw2GSyQ4zUrkixVSEefkhV%2BD9ORO26DWa2N6YbG"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1905bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 10:04:51 GMT
2-2-380x233.jpeg
telegrafi.com/wp-content/uploads/2022/12/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/2-2-380x233.jpeg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d61b6fad5ff7f2f24ed88b0d93f34e726e4243598a359c0a79a7249c18de4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88848
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28224
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 07:11:17 GMT
server
cloudflare
etag
"63997715-6e40"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQew7AwsDNKgE6nOSgh7KuafL4RMwsSqFy5LSSYUE4jTsmfbdtYC8fqmTkIjXtk0BLhPB2kIMDa8wwdIeEKtzccwhS1LoF09mYSAu%2B1UM9ysOevAHB4pXOGZ3re3pFQvGwuBZMGpUZJAptls"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1909bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 08:23:33 GMT
telegrafi-real-estate-blue.svg
telegrafi.com/wp-content/themes/telegrafi/img/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/img/telegrafi-real-estate-blue.svg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99af34f0bd0acef52afb5e513a184f03bfcebaa8134ac8367e2a5027d1cb2773

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7768311
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Fri, 16 Sep 2022 11:12:25 GMT
server
cloudflare
etag
W/"63245a19-3695"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BTiJ9VUVCa1btaD%2Bovkh5IuQoFTukzZAKjwZs6kbcAAb%2FSFdZf3emSBipLN9F8%2Bjt%2BCk2K%2Fe3PjqgPaqNo9UI5ESsS%2Bmdr0DKl8RMX8OnjMcXzACsmfEtmzt%2FKMEiql%2BlckYZLGfbSz1VZS"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
779e02eb190bbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 16 Sep 2023 11:12:31 GMT
319248189_1846205002405795_3908562313588137154_n-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/319248189_1846205002405795_3908562313588137154_n-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
268c3785caf56f9aaf8e8365ebce2941bbb1bfa597a28bf89c16b4c1f095f438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
237287
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19368
pragma
public
cf-bgj
h2pri
last-modified
Mon, 12 Dec 2022 15:07:26 GMT
server
cloudflare
etag
"639743ae-4ba8"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOCvnDAsH6CZ%2BHcttAlJ5ndvPXKPWDGOfGH3puwdcTlxKcc3ynNUjmbpm%2FXJu4ogT0UHguxuoCgNPGyN1E9Z2NogQd2Fh39v7IW3yh2WJ7jbAatvyWjgsuzTa21DvFumvVWNO5sErki9YbQT"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb190dbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 12 Dec 2023 15:08:31 GMT
Screenshot_3-56-380x233.png
telegrafi.com/wp-content/uploads/2022/11/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/11/Screenshot_3-56-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec324a7995811a36af747005832557f65999816996e7c73c1ef31054a916a7d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1366846
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
194315
pragma
public
last-modified
Tue, 29 Nov 2022 12:51:12 GMT
server
cloudflare
etag
"63860040-2f70b"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WXCaqmjzCheOqkyyA2sY3ygYt77UDS9QmMgcD7DpI0fZp663hTWQ8IxxaGhXNfAz06CIpF2dMMlMk8Erbbh1d%2BSXvj2xILUbqs6x8dUO0wlI2hXE%2BXcpj3hQ8uWsm3hDQjCbFddavnG7AYA"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb190fbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 29 Nov 2023 13:23:33 GMT
316741877_1285139082220468_722110201356918339_n-380x233.jpg
telegrafi.com/wp-content/uploads/2022/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/11/316741877_1285139082220468_722110201356918339_n-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca337629f702d5d98c73968d0003d69eb7297d559df865fc892f4af68e3fb9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1710378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17205
pragma
public
cf-bgj
h2pri
last-modified
Fri, 25 Nov 2022 13:56:20 GMT
server
cloudflare
etag
"6380c984-4335"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6KR45jlrjqAHaMfPDQaLiPcXxkMU5TIArCPocLStd0EHdjr77P4FPtWtzz8qTHLQApe%2BVubICaCQyFn86ZcZIROuvlcNORzMxfk5GMnuugHtV4FYOiN3LxDN%2BksY5vUJPOdzLoWcMSwUOiw"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1913bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 25 Nov 2023 13:56:39 GMT
IT4A0819-edit-380x233.jpg
telegrafi.com/wp-content/uploads/2022/11/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/11/IT4A0819-edit-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e61f4874d89af964ff2e37083b60a8da2cb1b003def82041ef0f5c8566a8385b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1799198
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14228
pragma
public
cf-bgj
h2pri
last-modified
Thu, 24 Nov 2022 13:13:51 GMT
server
cloudflare
etag
"637f6e0f-3794"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wL0RC1Bh39EBmj4%2FIinG8TfsyYeqUeAoNpaI0harJ20ou5es5uhxvBL234v1zEZ38PtRNAxrYvwpr7Lw3gAJ%2B9SSkaN85IbaY3V1TQno928nUrjMmH2L2jrcLIUT2cSSZd3w4bU4j3ghzIhl"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1916bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 24 Nov 2023 13:15:27 GMT
IT4A0805-edit-380x233.jpg
telegrafi.com/wp-content/uploads/2022/11/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/11/IT4A0805-edit-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1c93c416231a0dfe5f899a927de42391be0ab3d8d564f9307fc94c5a7f8445

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1886857
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18122
pragma
public
cf-bgj
h2pri
last-modified
Wed, 23 Nov 2022 12:53:37 GMT
server
cloudflare
etag
"637e17d1-46ca"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FPJPMuiTk6EFe5I%2BttEts%2F8gX%2FyDrrM%2BM6GNo2boj55wzwp6XNilXgOUS2zRAU8gkidoRLP6naKpder2%2FMi6zXk%2Bfi4kVyak2yxYsIIlA6aDP0ojV0LPQ3G1e9xUYzSUQ9tirfqWFY%2BerY8"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1919bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 23 Nov 2023 12:55:54 GMT
316393056_1321726805330504_1121494894564275599_n-380x233.png
telegrafi.com/wp-content/uploads/2022/11/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/11/316393056_1321726805330504_1121494894564275599_n-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1451be84b00255629f44ffd4b5c2718776a3ed76dc46beba5dfe53b0754cf753

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1967878
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
200689
pragma
public
last-modified
Tue, 22 Nov 2022 14:23:24 GMT
server
cloudflare
etag
"637cdb5c-30ff1"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv3CYC%2F4nvEomfkI5eq6LS3mhwo3AHWzk0NgXFMg5NxN1Ph5Aru8UOVESx32oJkI76JUruKAFtRcBSscxAEwFme1dieAaotzY46R59J%2FhpLTgJ6OFkjW7LuUgZ2rLLARPFoNJcgHunBE1rc1"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb191abb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 22 Nov 2023 14:25:06 GMT
IT4A0263-final-380x233.jpg
telegrafi.com/wp-content/uploads/2022/11/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/11/IT4A0263-final-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62ffb7d9dee508bbfee0d0b1f0cd47af712100c192107648bdccbdd4e146515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2050463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20772
pragma
public
cf-bgj
h2pri
last-modified
Mon, 21 Nov 2022 14:42:15 GMT
server
cloudflare
etag
"637b8e47-5124"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXfQqdkTwiF1rTAqxZXc5O44mNECyXp4O5NXmwm2ppZJp2p%2B%2BD8Qz%2BOC6cjPAkXFQP04ifNKK73hGkI3g3%2FJ8xvLFt5yfr0E1X5UpsX2tYBZK7c2%2FDzIAMaLi9xdRzpEHEJc62Cs9kOUUiR5"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb191bbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 21 Nov 2023 15:29:03 GMT
316088153_2184083168430242_9106908765149008657_n-380x233.png
telegrafi.com/wp-content/uploads/2022/11/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/11/316088153_2184083168430242_9106908765149008657_n-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c40aa16257c7546eea3dcec912e746283e67917083b137cdd8f8782b1388521

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2318593
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138806
pragma
public
last-modified
Fri, 18 Nov 2022 12:58:34 GMT
server
cloudflare
etag
"6377817a-21e36"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CMbTGQpW5bU6JTqeL0gQQ%2B1e65NBroDWyAaE1C%2FZc9%2BYQfSjB22a0dbx6Eudkw9pxod9q2clpfmm1qc%2BRmM8UP9bNIAsZu181JL4dmFREUH97UQ1kiNy6qgfNJZfqlmay1K37vzjYjKve%2B7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb191cbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 18 Nov 2023 13:01:07 GMT
telegrafi-deals-blue.svg
telegrafi.com/wp-content/themes/telegrafi/img/ 		39 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/img/telegrafi-deals-blue.svg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02fdcd2250a4da291e9f6eccefd36b64864ae8d27969225baa44199d8a520e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647440
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Wed, 04 Aug 2021 09:14:30 GMT
server
cloudflare
etag
W/"610a5a76-9a16"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcV0JYa%2FW3xYhlyvArKNU0iQmBgOyiZNXItBCo%2FKN%2FPNU8wPNZw2YWC1%2Fyjv46ImDJXrAcrZnTTlJAokn7%2BiA5%2BsoUV65NabT7u2bdSIIlgF0jqVanLZQhUT7v1uuez6rlcPhIb9%2B5gAJhnx"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
779e02eb191dbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:50:59 GMT
1-3-2-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/1-3-2-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fc6ccc8b0e7b5bf566840b83ff170162aa6bf4d8a8b7350889ef5cf8e92c3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72541
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10834
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 12:53:51 GMT
server
cloudflare
etag
"6399c75f-2a52"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcBSbM01e%2FEjRyoE952ql5qvhECuy4RE01vV9hLgAfb72pZDhx7n%2FSCs4%2FNsmf0ExqjlIJ2cLkFKm95PmOGQt%2BviTP6fOP6veYNwsaPZZ%2BZBusDfD9FWakDW5ORPazjOQWOuxcJhV572Wujr"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb191ebb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 12:54:54 GMT
Screenshot_9-16-380x233.png
telegrafi.com/wp-content/uploads/2022/12/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_9-16-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd7e9903818f14e91f11ed06885a4966cfa93b1d4e3185b5a782ffca335ee72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
171318
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
158984
pragma
public
last-modified
Tue, 13 Dec 2022 09:25:48 GMT
server
cloudflare
etag
"6398451c-26d08"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxAhVX%2BMHEGtWV2lBzlNqHEpy%2BlcA79RKZkhvPsf1Kqg2MKAnQVIwXVFY0gaTow1Wz%2BcZYgzMw7pOhx2veuxdsMfzoRMtj4tLHN4WPCZ%2Fln2a0dJmNsVMT4b6nQLRvplkVUIiYBxBS%2Fx%2Fivx"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1920bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 13 Dec 2023 09:28:27 GMT
Screenshot_1-38-380x233.png
telegrafi.com/wp-content/uploads/2022/12/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_1-38-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6b5a7a695b2e187d7b2c5b35b12c30ef83a076c8bf57307ea71ea4885f2592

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
259198
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
127558
pragma
public
last-modified
Mon, 12 Dec 2022 09:01:54 GMT
server
cloudflare
etag
"6396ee02-1f246"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFMfkDxw0Lqdipr5ZZx7jxxme3bK9J4Uil4oQBEgeP%2BiiK3IRwyaSbSyFkKLXDEvMzCDdzs2f0ip%2Bn4qs%2FcMPR8hzeyGR3BdNLzVV3cMlcBHUNwzCM96tEdj%2FdPAViWh%2FVQXTbRdYFlujtia"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1921bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 12 Dec 2023 09:03:29 GMT
Screenshot_2-18-380x233.png
telegrafi.com/wp-content/uploads/2022/12/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_2-18-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a2c266ffd1ef3d450d520e269f2d9e4314bdc9d517f2463e2605a530399747

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
607137
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138882
pragma
public
last-modified
Thu, 08 Dec 2022 08:18:52 GMT
server
cloudflare
etag
"63919dec-21e82"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQwx819fJUuHX%2FfRWpAAbfAKjE2enO48lb%2Fc8ddxQs7IgmonCW3%2FfCc1TYQKg%2F91PHAN%2B%2Bug8XnDxV5TPIdPZL7sCyfz7uWwtEmRLwt2LucCvW6OwuUNnZRU3N4XFB9stQUQvYmR7l7r2y3K"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1922bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 08 Dec 2023 08:23:41 GMT
raze-mini-layout-05-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/raze-mini-layout-05-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a9b6ff9cea348fd79a340e6fe10de95b0b50f4e4aff152a18fabe90e93ea352

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
692998
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10995
pragma
public
cf-bgj
h2pri
last-modified
Wed, 07 Dec 2022 08:32:06 GMT
server
cloudflare
etag
"63904f86-2af3"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhR%2BWkUNzv0qYPe0sQJACG5Vw8Tm3yUznnhJgjYSczyTMKEGFes8%2BtC4584SnnuwxxIUZE5UgX3qrrKDsiHZkG2FQLlrRWw13RaG8OYhgvltJlu1nBkmIy8ZJE7naAK1dGSLVnZTDSSC0fWA"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1923bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 07 Dec 2023 08:34:14 GMT
Screenshot_1-14-380x233.png
telegrafi.com/wp-content/uploads/2022/12/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_1-14-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1729fc9c96b7317f0b74e7bcfbb775461c7e187128d991df60245f83250422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
865439
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85366
pragma
public
last-modified
Mon, 05 Dec 2022 08:36:31 GMT
server
cloudflare
etag
"638dad8f-14d76"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRNB4NeZArZpfNHytverNDFlFHPUWyTyh1n7msF0ruYAanG0Cyp3kr22QK6mqola1aGpCke3CDWOQAmGBpCjfI4ynW0EHo1%2FRbb80OrhM1MJE37Y9F%2B0Gir4drej2E2GmR9rbOVxbP3FTqfq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1924bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 05 Dec 2023 08:40:05 GMT
medium01-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/medium01-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e861b395a91bd9d6ae2d29e2167217579498c8652ea96e684fe5437b6dcdd03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
866269
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11584
pragma
public
cf-bgj
h2pri
last-modified
Mon, 05 Dec 2022 08:25:56 GMT
server
cloudflare
etag
"638dab14-2d40"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu3ETAsQbOzEgDpy59Adim4hrKSjzLZRHMySi9oD8z45uQyg7TIXHB%2F0nfwR%2Bi%2FNlImOxEc4t0tT1yLKtsmnIlsFEJ9mmeZ1MvP2rkSqfRccshxvEy%2ByVfF74RpMMUaLWZwpBgehsjSdb9ik"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1928bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 05 Dec 2023 08:26:27 GMT
Screenshot_13-1-380x233.png
telegrafi.com/wp-content/uploads/2022/12/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_13-1-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2811ec5abe9ffb299c614ede71c2b57da8fcbdd5822249286ebf93e90f91ab5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1122838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
108848
pragma
public
last-modified
Fri, 02 Dec 2022 09:06:53 GMT
server
cloudflare
etag
"6389c02d-1a930"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FWk1jEjeyu3U4hQRgzoNAorgCMojterY5ot46Kl4Qw2CQARIuzkbibfG2pxEkA7bNw975HFCOaUYGRTjLCPZ8BZy2qWwqbFvGM%2FRwjGIVlOZV%2B6isw8g9woiPiObACIKmfQ2OsrP4tOmOj%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1929bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 02 Dec 2023 09:10:04 GMT
logo-telegrafi-footer.png
telegrafi.com/wp-content/themes/telegrafi/img/ 		905 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/img/logo-telegrafi-footer.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d9e0c7de1c684f35b03b97dfa57dc264686615405257dafddd6d216adfcc5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=1265, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
905
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
"5a8039ec-4f1"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXVPQrN3%2FgMHtIZCXIP0CLGoFNXxlW45eG6VnmUX31kQxwQSshRpz9CbESGGvb2KK72uIP8ZrXPy3fD13jE%2F2BkiOMp%2FVtZEq5TC%2Ban0cq50nTijNL%2BMT6vSzX%2Bb3JppyXz%2BERCYeMGbHadu"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1931bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:50:58 GMT
dukagjini-new-logo.png
telegrafi.com/wp-content/uploads/2016/04/ 		580 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2016/04/dukagjini-new-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7962210b6e797e08c011395cf88eeff6c058253b4242b8c5256869f778597e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=876, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
580
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Fri, 29 Apr 2016 11:10:22 GMT
server
cloudflare
etag
"5723411e-36c"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tG3U%2F7l3cyX8P99RuP8jyvvCTNXEU7yG4QxSFSdHeJXhAozzYvfg1iQBHwNbvJ8K9Cl37jGJ2C3aAKDJbsMtAxYQpAHb7qNw0v5dVz%2BezCPcW%2Fs%2BJ4JD2ISlVI2etxZ8IAOBtp3Fd%2BDhcri"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb1939bb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:41:19 GMT
deutsche-welle-logo.png
telegrafi.com/wp-content/uploads/2019/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/12/deutsche-welle-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72720755f75baede2cb757a8111daff30a7c322428eed7a24b37d84fbec67993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=3525, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2618
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Wed, 04 Dec 2019 13:54:53 GMT
server
cloudflare
etag
"5de7baad-dc5"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXEeG8qKP2iE8sFYCGAXIc1%2FXD0GH8Ced%2FrHpycco9hXEnaAuBS%2FmaTPVUon%2BmBxPKrntlR4UsdhCraMmg3Hjx9D6d9b4Zo6w51KkQY6LzKhDgI1uofTel6p2jq3TVp3oYsYZMKklREsWdeQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb193bbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:38:01 GMT
shkabaj-logo.png
telegrafi.com/wp-content/uploads/2016/04/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2016/04/shkabaj-logo.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7844cfb29c5da5aaf907a24611ae207eeee959eadeb087ce5d01713a4267cd2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=3647, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2352
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Fri, 29 Apr 2016 11:10:23 GMT
server
cloudflare
etag
"5723411f-e3f"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUMyAkwUV%2FXFC6LTFFW041C9UDPf%2BAcgO5qyIH%2FbJPJfjwibqie7kiK3vQ1QYs7MEuZtD%2BQtxc4fkCqw5nnT%2BuoThEyod4ohduH4W1iqK45rjptBT%2FKxbxDLicS%2B3RlQVlzoGEi%2BLrp%2Fz5MG"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb193ebb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:50:58 GMT
toske_geg.png
telegrafi.com/wp-content/uploads/2020/09/ 		933 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2020/09/toske_geg.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41854f41fe85020edc0377130d956283c0c533e9996e3a7e3aa7e909f93dc954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647998
cf-polished
origSize=1463, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
933
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Sep 2020 08:00:56 GMT
server
cloudflare
etag
"5f719838-5b7"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hC%2BYDxGdIoWigu9eRFcUKX18YTvaZbQ%2Fdbj5%2BFe2HMKv1HA3Cf5OdPHnqgbWFbKPcy7xAESVMfYxxj1MxY8higOR7M1xyv9gr4g61VRy%2FTy3DnoC0kk4S2uLKcqqdXf6BjtI6xRns%2Fxd46cF"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb193fbb83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:50:58 GMT
font-awesome.min.css
telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0957311c8318f0d2498805c7bccc65cd0c86c643e12ed83031452e5f91152e4a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647997
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Nov 2021 09:36:29 GMT
server
cloudflare
etag
W/"618b929d-6dc3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4vd2VUcFmnvn8FTFnmBo7qKqEIsjNq5TfeXrv8i8VZ%2FWG6ERv1XPGdxLZPgg1cDnhKLFJEa%2FYZXpYWbXg7e%2FciJUuzEQUHAUtMO3XokpdRqhMfSjOYTqcg%2Biomy%2FD%2B0gmwoU6bsdBWU%2B%2FYl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
779e02eb1908bb83-FRA
expires
Wed, 06 Sep 2023 06:30:33 GMT
rocket-loader.min.js
telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Dec 2022 12:08:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"639719b1-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXNjHxPdIu5lw0BnricP4ckyweyqDXJh2x2QF9fvDG3BULSM87NwBeJ3X09BuMpmEQo1knc46kCh%2FBMak5OJ0lsTALdYGRXxkxqW%2F2iYUTcpuq5LA9U%2BqcSWSmzqbNPh2sTYgvopmQw4q0gg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
779e02eb3a51926b-FRA
expires
Sat, 17 Dec 2022 09:04:22 GMT
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdc3fcd2e52012d8f58f0db58f372c75d38353ee64a0eb6b722239884f689246

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
072e9850774236e199dadc50f2e72ca2e89d1edc9b955cbafcdf6bdf6959afcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 08:47:38 GMT
x-content-type-options
nosniff
age
87404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17156
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 08:47:38 GMT
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 04:00:43 GMT
x-content-type-options
nosniff
age
536619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16980
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:33:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 04:00:43 GMT
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800|Merriweather:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 15:04:57 GMT
x-content-type-options
nosniff
age
237565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17116
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 15:04:57 GMT
tlgicons.ttf
telegrafi.com/wp-content/themes/telegrafi/assets/fonts/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/fonts/tlgicons.ttf?cn8ygj
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/css/styles.min.css?ver=0.5.09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e07140e4eb562b6f19aecb33cab48b3f7cb5ea1bd0ead0fc3e0ce5edf3edd7d

Request headers

Referer
https://telegrafi.com/wp-content/themes/telegrafi/assets/css/styles.min.css?ver=0.5.09
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5702607
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3832
pragma
public, public
last-modified
Mon, 07 Jun 2021 12:09:23 GMT
server
cloudflare
etag
"60be0c73-ef8"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dSw5GJA9ARMtTqD6GPUEaoWNkMBF0PabT0gk8ilQ7al%2BpLP4sp65EflUADqGIPm1ApqjofiDi7f5tCmiOLLzCGFqc%2B2CLDi7sWAP23udFPDxiGLrA6dlTQDWzyFFMIyXa0%2F4NlD9QhFORYX"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb8ac0926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 10 Oct 2023 08:37:12 GMT
fontawesome-webfont.woff2
telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://telegrafi.com/wp-content/themes/telegrafi/assets/font-awesome/css/font-awesome.min.css?ver=0.0.1
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
648048
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66624
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
"5a8039ec-10440"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFB6DcGx8gN5iRJGYxeAFULQ4c3TCbCeORdK%2BfRZR6SXvbyD0YbgLAa0UpVerp4KOEy96BnCVEoie5HXEGDzRKBfMbnhlqpu1vVxO3zvB%2B0WATqloqXxDZQeTWLvAXZtuvSvG1RBqhgmFPUO"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02eb8ac3926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 07 Dec 2023 21:03:34 GMT
wp-embed.min.js
telegrafi.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647981
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 27 Apr 2021 11:34:25 GMT
server
cloudflare
etag
W/"6087f6c1-592"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzYeukIRkwCVLXnnzCzYgrruH3XKTYi5PdD0M3%2FgjnYhCVjnUk8pYZZurriHNN9bFZYeEoALs%2BXbkn78tkh6H76nOiJtI0pNm575O8rytH1ewWRSVsS5KOtdfb05DbxHwktCqBmItberpFLp"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec6c0f926b-FRA
expires
Wed, 06 Sep 2023 06:36:39 GMT
general.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/general.min.js?ver=3.05
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7156d8e7be5cbb3506804b16a96f73591ced0d621a6b5f34ca88119d191b8c
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1706352
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 09 Nov 2021 13:14:42 GMT
server
cloudflare
etag
W/"618a7442-2411"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGrnsarj8Zd0D0c0rZTa1VpgduXQyErb7AlstNOKKdlqlXCTdu5%2FMamwh1uvn1muxDYmxhtgeziAJ9%2BZxG9mSDhlrE%2FTFHgke%2BuE2QnUBgSVcA47fFKEfUavkFd33mkwfObL5%2BhCn8ycIkcT"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c13926b-FRA
expires
Sat, 25 Nov 2023 15:02:45 GMT
jquery.lazyloadxt.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/jquery.lazyloadxt.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14eec7295e73242aff774c5b71962ecf640f4bcda0ce68df52a283c8e970613f
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647981
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-98e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeWAhfb6NNdtQf205Sb5U%2BRV9CjV6JIcgrMItxPB5LqrLGDCkXYwOplvdKXkl9FNZyKTKX%2BJjTQHSzl4FojD1G4LfsvY4B2B0FHnIZZ5CAtibpvwMLMszZ0VFV9su8Ue2yubF0K%2BujwpfAsJ"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c14926b-FRA
expires
Wed, 06 Sep 2023 06:50:58 GMT
main.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c04edc6f61d5124b8ed2c1858b3c43f456d317fa247c6727b30e91a788a2b8ba
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1118186
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 02 Dec 2022 10:27:47 GMT
server
cloudflare
etag
W/"6389d323-c47c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRwJS7tvpiNhmPSw%2BK2Mw7bMdorekxcZwpic7sBOvXhdFiSDbzNWwSd40jSu0TuX5nNldJiv7EpT%2BLPqzgdUKT6hTjqbsEUKsXOekPWcCHP8qOwKdi1C%2BKNR2d4Z5QBz3b4mBkLiQE%2BGyNvI"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c15926b-FRA
expires
Sat, 02 Dec 2023 10:27:53 GMT
clipboard.min.js
telegrafi.com/wp-includes/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/js/clipboard.min.js?ver=5.8
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647981
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 25 Jul 2021 08:39:43 GMT
server
cloudflare
etag
W/"60fd234f-296f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDWiWo4RXe2p3E4QiaPHQd3ytisqK3%2Bacq6M5vtQjbEnd7NJQywh1s2iTCjSsEj4RAGqhdBUzOdeDNGowNI0kDIgqCIvfKHMo88FVVhaK4xxRrM1QWePAJdqnumOKvvwiwoywuTdnTmaTnAm"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c17926b-FRA
expires
Wed, 06 Sep 2023 06:50:58 GMT
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?mid=621729&rnd=native1
  • https://adx.adform.net/adx/?CC=1&mid=621729&rnd=native1
810 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?CC=1&mid=621729&rnd=native1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bdfb0d12ba966be7f43ac632460c02f1c4edb3705682f3fffa03397ef7b9f32c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
location
https://adx.adform.net/adx/?CC=1&mid=621729&rnd=native1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
b3bda2c1959a528ce1dc87b77391f300e4e01317.js
cdn.izooto.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/b3bda2c1959a528ce1dc87b77391f300e4e01317.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d7148dc41d39754a28df8e9f0189037c531a19ecc84dfeb2cbc2f58d714c61
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 30 Nov 2022 16:28:38 GMT
server
cloudflare
age
1269340
etag
W/"638784b6-8de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
779e02eccf8091e7-FRA
x-xss-protection
1; mode=block
expires
Sun, 15 Jan 2023 09:04:22 GMT
DqfniW44qMqs
cdn.onthe.io/io.js/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/DqfniW44qMqs
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.168.226 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
6fe12f443d57fba3f686959e72e430698b8a78465c198284f3e44900361cbc28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 13:14:18 GMT
Server
nginx
ETag
W/"60e6fa2a-11165"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 16 Dec 2022 09:04:22 GMT
62f105d3882a87c73c163762.js
telegrafi-cdn.relevant-digital.com/static/tags/ 		481 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi-cdn.relevant-digital.com/static/tags/62f105d3882a87c73c163762.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo / Express
Resource Hash
3a89b74b18f0cf58377f6a6e3a478d7e8b847ebe9b6a190611121a901f649bd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
x-powered-by
Express
x-cache
HIT
x-77-cache
HIT
x-age
81325
x-77-nzt
AcO1qhEw4fX/rT0BAA
x-accel-expires
@1696933737
last-modified
Wed, 14 Dec 2022 10:28:52 GMT
server
CDN77-Turbo
etag
W/"783bc-185102e0f29"
x-77-nzt-ray
4c156224f6cc027716e39a63a5c21325
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
s-maxage=25920000, max-age=0
lg-thumbnail.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/light-gallery/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/light-gallery/lg-thumbnail.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d21d22ee93d22ac238c8733e8d5880b0bedd3a3436a1113d8efccfbe6b03db47
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647981
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 29 Aug 2022 23:07:06 GMT
server
cloudflare
etag
W/"630d469a-2405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQQ2KJwYL%2FQcws6deQM7KzPbvbmaxpfewi%2B7JIuLquB5KVtCh%2FbkgWiR0s68Tfggo81OixvhxnPBo2u0pZ%2BRoxawBYs%2FWneISsX4I4Ruw3caHPu7uhiEOmfvmjfCQy3eYyayEH%2BmLDVfSd4j"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c19926b-FRA
expires
Wed, 06 Sep 2023 06:50:59 GMT
lightgallery.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/light-gallery/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/light-gallery/lightgallery.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1fac26326bd720db4b866d74095b000e687c265752826f86c6bf92c3298ff8
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5702726
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Mon, 29 Aug 2022 23:07:06 GMT
server
cloudflare
etag
W/"630d469a-b7c3"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZzqQlb%2BHaa%2Fx%2F%2FHqTVRD9Q8b2TiLrywIti4d3B2HvinKgheyfGNmyVUwsjIjANehruLdz5q4354gOGwrNPwa1BWhy8lHRfVasi4Qsq9EOJAoS69F6ReDKof7RXLEtLtQNw2RdQ5XTGvQmBf"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c1b926b-FRA
expires
Tue, 10 Oct 2023 08:58:56 GMT
futureads.js
serving.stat-rock.com/player/ 		312 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/futureads.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
119a4c9e48102442e423807a8b795c8730e0d633536461a917af841ecc15faf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 11:51:09 GMT
server
nginx
etag
W/"638ddb2d-4e016"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
publishertag.js
static.criteo.net/js/ld/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 09:04:22 GMT
cmp.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/cmp.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95cbd90a386319a0337aff2fbdb889e790051c38adca419c3d7d05ec28e90263
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647981
cf-polished
origSize=4221
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
cf-bgj
minify
last-modified
Wed, 14 Oct 2020 15:10:59 GMT
server
cloudflare
etag
W/"5f871503-107d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7R4NwuIyrYl%2FjRUAg%2F9Rzx9capuZYrQ6Nffr56Mj6pcvltLzS2A9YoUfvb%2FnW%2BCdgfoEjkJuimtAMLa8%2Fs3IvvrcPw7Hkzk3zBiSdx179DjMNxgvejAmDpLwcr4%2Fo8T%2BUgfFNWCmegjYHY8"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c1f926b-FRA
expires
Wed, 06 Sep 2023 06:41:01 GMT
telegrafi.com.js
pahtuo.tech/c/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahtuo.tech/c/telegrafi.com.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f182e12153e765b074bacf17b8731688c9445fb55bdd99401cd2e9d3a7b8db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KBXQ2G13BJ876X3Q
age
6330
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2009
x-amz-id-2
+GAp1+Lx0Fea6T6JNJZDCtl+UDXCIzMjCDfkDh1QD63osf1m9vypErnrlEjG640SYfHK/rilYhBSo/b9H7dyJA==
last-modified
Fri, 18 Nov 2022 15:51:36 GMT
server
cloudflare
etag
"1afbed2ab27509b7a5c6fbdcf6f727a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1T8mU9rJW6aQQ9gYNakcDQ1UZO7kB5MSpVeQEas7Nw2UJteGOlBAYq0xzzk46NyeneoWudCrTIm0zMoX0aGFfPtp0Gw%2FLwP6l0iG7FyfZtkuQCWWNsgvLoUQ%2FgxOmh%2BCcyNNFI%2FbLcdzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
779e02ecdce0926d-FRA
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:09:35 GMT
content-encoding
gzip
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 22:39:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
3288
etag
W/"9678e76b6e6295571547f8fe5df68b88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
Nuy23PUwv0zAXpkI6qxvgqBjnpapobAk5me8WgT0hYlznXXjChfUuQ==
swiper.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/libraries/swiper/js/ 		142 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/libraries/swiper/js/swiper.min.js?ver=1.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24eaa87d394e82bf4c46c8fce9d490c95367a1c7366562b1c153dd5593e2531
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647981
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 11 Jun 2021 12:58:31 GMT
server
cloudflare
etag
W/"60c35df7-23827"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yp1zraLxfyXTYbY5vgpf5y45rv1P4KUGExswsYXV3ObbzV9csZx1eKpK%2FPYr4ETku0wexATTCS4S12Yxn%2BQefF%2BBsL0lDO81bh4b7Sr1bYJ8KfYJRBH3EJWY2FDUmU7ZAilPwWG5SyRyFDe2"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c23926b-FRA
expires
Wed, 06 Sep 2023 06:50:58 GMT
nadballina.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/nadballina.min.js?ver=1.9.92
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e146cf548483ff23de03f7df499088925b151a115865bf5eaeb976e4e44d4a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647981
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 20 Oct 2021 08:46:34 GMT
server
cloudflare
etag
W/"616fd76a-3a14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ylKKypzoSdrpcHT6YTIHjce9B1kQNcgB%2FLCEqLenGFgLgnY2GY%2BsvRy4A8TNRBlRX1GxfDvcFUxWqtpEe9cYCQo99FED4Rm%2BvrZgyRaC%2FQG3eg1Vh3thhSrwtQ%2BYJiclkkCGNQn2hh5y%2Fqj"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c25926b-FRA
expires
Wed, 06 Sep 2023 06:46:32 GMT
sticky.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/sticky.min.js?ver=1.5
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66078495f7cb24e6c59bc1a4e8e1ba63800dd8b7669a1b9201de1194d201aa9b
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647981
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 20 Oct 2020 08:36:24 GMT
server
cloudflare
etag
W/"5f8ea188-1b7f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubseZQSisQk54CxbX1Z06Trnk%2BdKseLoY0AqUIP9d1Jfe8Ak20dkx0UHgiCwkeB0R20Rz3e4pOpcLbJQ90jj652EbBPKR1TzNWgldDatGAEE8SxA8xFO%2Fp9V%2BXug5wyAup8nkmpJoz1a2etQ"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c27926b-FRA
expires
Wed, 06 Sep 2023 06:50:58 GMT
jquery.min.js
telegrafi.com/wp-content/themes/telegrafi/assets/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/js/jquery.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'self' 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5702726
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
last-modified
Sun, 11 Feb 2018 12:41:16 GMT
server
cloudflare
etag
W/"5a8039ec-1787d"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1C7PsUjmKsEbhiBUX7PA4JLOzkrmgTTBTt2CS1xNnI9rEgHMvc2cwOQERflEN1irN4tX6z%2BokXoXeUAnw9QKjZumuY25FkOe5m56V2w8d4GeYct5pIw3eFHxIv%2Bc80a2WIPP45TdlwhPnGaq"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
779e02ec7c28926b-FRA
expires
Tue, 10 Oct 2023 08:58:56 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VLYQGEH6F0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
343cce4970a2346df48dd4555da22c8e0756244d04d5d5d5da0cf52c93439024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76836
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 09:04:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1422 / 889 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 09:04:22 GMT
dmpcnt.js
ads.futureads.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2F
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
17935569c1c4b0330e9b1cc9be4a160621f21541d3d746194f88d9d977a04434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:23 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Content-Type
application/javascript
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
loader2.js
scripts.futureads.io/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/loader2.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:42 GMT
server
nginx
etag
W/"6375fd62-2c101"
x-cached-since
2022-12-13T13:11:25+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Sat, 19 Nov 2022 13:21:12 GMT
invisible.js
telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 6CD2 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671091200
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a82b1f0802de3765dcc7cd7cfbdbb408adf46cfa0907e5335e1892ad5846656

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaAQJwkTqilV7wXqUkp8OcHIHES4tgpVr0AS4W%2BlTRcDm%2Fl0A5BGgBxlxPDJpnNwz0S05n1h%2FEYVuv0zX9VkKOrx%2BVu%2FaakXDXmFhe82tWbCMD4HbaeO%2BUku7BRXV8azUVK2NDpqxkJs9Q0E"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
779e02ec7c2a926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ Frame B21C 		13 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cba6172988c4f2a636c28d2c46741ebbb03873f482eb038b51ee0c4840c9d13f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 08:45:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 09:04:22 GMT
site
video.gjirafa.com/Content/ Frame B21C 		379 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Content/site?v=68ATcZ4R2ZLXozvCY1T_eXGR1QV6N8mUDzlLoedrdYE1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
509328beac43e8f4a208d9810b25095e108d14321e134e99bd9aa49fa6404d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzcVM7SOypZMJTuj3zln5celKQXb4llX7jRydg7mf%2FA%2FrS0fMYGMYtHOrvnDBHRJVRUzlO8It1FVZhgPOPlNAmxaODWNwY4JoDqURIqY3qlqFXjbdKobz5k0Y0YKKtJdPr0a"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, no-cache="Set-Cookie", private
cf-ray
779e02ecdac39125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Dec 2023 09:04:22 GMT
style.css
video.gjirafa.com/Scripts/vpplayer/build/ Frame B21C 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Scripts/vpplayer/build/style.css
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2ac68e63b7ecbb47b11b9628af11214906d83ca569cb7addbcf17cd7def11808

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2136
cf-polished
origSize=53153
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 04 Dec 2022 00:42:14 GMT
server
cloudflare
etag
W/"0b79340797d91:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqDmn%2BrRYM5paSy5%2BIXW04cEzBeDND2ktr8OqoQ7mm8J0n7ogkGQPQ5CkA%2BPSfjQCugZ8G16Smp0NOCxB%2FsEFjQ3WlUCHK4BCo83nJXXj%2Fu9i9o4FOgTcGrKlne2MqPQs57k"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
779e02ecdac79125-FRA
cmp
video.gjirafa.com/bundles/ Frame B21C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/cmp?v=cwPtl0QziOaPDtP35Gd5w972BQwF7sLtdCDYhnk5BDc1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
95c2f1e9c92a3b36266af77682b8b7ac7ec9148c509582a8bc0c8a9a5d84bf50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HO8ZR4mQTr1GniYio%2Flsqf6VC5TURcnrR4HZLKSQymGVJJctHxxw3mrSgUocCepm28akEWVlTPdRR7KozuEUItDjOi1IGmv1sXhL1DcOmeDqSfB2kSVxVhIZWWwLexikYM0"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
cf-ray
779e02ecdacb9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Dec 2023 09:04:22 GMT
dmp.js
gjstatic.blob.core.windows.net/fix/ Frame B21C 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/dmp.js?v=20221215
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.139.164 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7885b62d27f957718035a5deb48fb2a7448eb5ce4e1a4eed51f6ce8ef09edb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 09:04:22 GMT
Last-Modified
Wed, 15 Jun 2022 14:47:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
KCjvpMirwhGK49Nig1cHEQ==
ETag
0x8DA4EDE073509EF
Content-Type
application/javascript
x-ms-request-id
c0863499-f01e-0069-7864-1013f5000000
x-ms-version
2009-09-19
Content-Length
7695
gjirafa-sdk.js
bisko.gjirafa.net/web/ Frame B21C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.net/web/gjirafa-sdk.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2056aa5306ae09355d91e6ea1e28c661da1a7694b1fa3797aca5f9af059dc7ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
x-amz-request-id
tx0000089a1c8fb929f23ea-006389f019-2aa7e8-eu-west-1
age
26
x-amz-meta-cb-modifiedtime
Fri, 02 Dec 2022 12:30:22 GMT
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-silencer-ns3158641
x-age
73756
alt-svc
quic="195.181.174.5:443"; ma=2592000; v="44,43,39"
x-77-nzt
AcO1rgX0iOH/HCABAA
x-accel-expires
@1671107706
last-modified
Fri, 02 Dec 2022 12:30:56 GMT
server
CDN77-Turbo
x-gjcs-cache
HIT
etag
W/"c2f6b4cf918473dced47fc2b25d30008"
x-77-nzt-ray
25b021312f90743f16e39a63bd4c3531
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/x-javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
x-gjcs-backend
FC3HCVNOYV_custom-biskoblobgjirafacom_80
cache-control
public, s-maxage=86400
access-control-allow-headers
Range, Authorization
ap-gjanout.js
central.gjirafa.com/js/ Frame B21C 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/js/ap-gjanout.js?v=2022121510
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
914516dd439448f528815bde4c68220ad2b99764c4c36fa7c26f5753956dc544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248
cf-polished
origSize=18970
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 02 Dec 2022 07:15:20 GMT
server
cloudflare
etag
W/"1d9061dd61a7e1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8FvgwcdgqklV4uvfbvzTKHtkL89Dl8LQwKO3QeginD9tqSUrrAA%2BlkJiFJ2PAsrP%2FAIL1npdU3puc9cNlkqnwaA0HHvCUbFUXh4cOxxparAKkdHmyHBNrbJx9vHaYmo3XlmlPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
779e02eccf7d91ef-FRA
logo-white.svg
video.gjirafa.com/Content/gjvideo//img/icon/ Frame B21C 		778 B
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.gjirafa.com/Content/gjvideo//img/icon/logo-white.svg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
be732037583d3de6f5cdf2e1d5511532fba2b1992dcfcb63af691e003c4f3730

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 04 Dec 2022 00:42:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3185
etag
W/"0b79340797d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkBFTDpV%2FJ55Fj9JPmdJ4%2Fen8nn3S2fLFIODe1CvWR8wpuvZZu7qJmWYuaTfv7CKvK5cyAhuB%2FFMcbeyXHYPV4uaOp7ta1hCsqkI3D%2Fchn2hfPJ%2BMJG9Mj9Y70Ov4PwcBpqQ"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
779e02eded1e9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
polyfill.min.js
cdn.polyfill.io/v3/ Frame B21C 		101 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v3/polyfill.min.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
last-modified
Wed, 07 Dec 2022 23:49:52 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/108.0.0
server-timing
cache-hhn-etou8220023, PASS, fastly;desc="Edge time";dur=8
accept-ranges
bytes
content-length
94
signalr
video.gjirafa.com/bundles/ Frame B21C 		137 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/signalr?v=ESzVmpNGv_aDeciqJ96y8azOIur4IPtZQ8UNy-umB6k1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f731690b85fbc4d4cba112dbc1d6ad001e5d754ebbcc1344bed7acfcb880ec53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 09:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRUARI3r%2FBuzlTljVPlQMfkdd%2BKEGN7QjNx1y7bNMJY4x1KPwv3qEwrvBgxLpCjn2eNeye9pVqrQS4ZPf%2Bn4aFXDcjdgO6BvJ294XVeOzefgfrBNPHOkn%2F%2BMSmwtIk8VwZHI"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
cf-ray
779e02eded0b9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Dec 2023 09:04:21 GMT
signalr-hubs.js
ub1doy938d.gjirafa.net/storage/scripts/ Frame B21C 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/storage/scripts/signalr-hubs.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a72bede3e458cf0f0a418b051e1b6e8ebc245c75a7ac2561392ff05604db2ae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
gzip
x-amz-request-id
tx000005399bd35d644aff5-0062bc669b-288232-eu-west-1
age
9508
x-amz-meta-cb-modifiedtime
Thu, 17 Dec 2020 17:01:14 GMT
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-silencer-ns3158641
x-age
51608
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
x-77-nzt
AdRmOMEjdXb/mMkAAA
x-accel-expires
@1671129854
last-modified
Thu, 17 Dec 2020 17:03:10 GMT
server
CDN77-Turbo
x-gjcs-cache
HIT
etag
W/"af752ffe72576055e523a2dceb9c1fe1"
x-77-nzt-ray
uyCf6tjV0Xw
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
content-type
application/x-javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=86400
access-control-allow-headers
Range, Authorization
analytics
video.gjirafa.com/bundles/ Frame B21C 		43 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/analytics?v=FxjveAGY1khA2Da7hLSoSPb-cNwV4GExoG5ZkLtY3-Q1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3e3303b53c44389d11252882de16d59bc65f78b2aa95ba7321766fb585829855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fl1079ACE0cHAA21LTdM1xsXZQOTOdE176aAsPOUVgfOgsL0%2B6zyZ7g6Hu7mYvMYgyTxhFt4c2P3XTGCgOXg%2Bl7rDb9NezlaREkUHn8Pzowxf6ypeH7%2BqXMnNj5u9ooK5XPP"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
cf-ray
779e02eded0f9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Dec 2023 09:04:22 GMT
lib
video.gjirafa.com/bundles/ Frame B21C 		327 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/lib?v=Z6qPw5yL3uTQpoB3EKAVYlXBn75ceS7sTAa5Agbx60s1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
19f16f61a773e0bfd8360452873aa2233b8dda3e2bc6cbe60fa196ced7a1d339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJIxeWtq5yKOviipnTGyvkWizajbSS6AQy0EERkho0tlpvMKqC%2Bk374l7Ro0igPn3KWmeinESZozZMYF6xhD%2F%2F%2BcbFR8aTHXIGAUV7CmeTksY5ZrHZ5AFR%2BX2LfmFpUlJc8S"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
cf-ray
779e02eded119125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Dec 2023 09:04:22 GMT
main
video.gjirafa.com/bundles/ Frame B21C 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/main?v=hgjtu9CgK_qkREFWRWP7cfTelz1VD0jvk5qyjyrjoZg1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c76ef403b313b1fa426b2dbd430e83a63a261ab340188c7d427295fbca03ccd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuipOORHy%2FPspmUastBZBNeNVGvqSbjh3t4csQi6WLNgiQbv0t3AoME0%2Bc8G1J6arZTm2w0CfkqJ9W6kC37%2Bp8C%2By%2FwC3cNQdvp%2BGtxpRKSxr%2BNxynEJFmBwwDgPxf0kVG8f"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
cf-ray
779e02eded159125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Dec 2023 09:04:22 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B21C 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Thu, 15 Dec 2022 09:04:23 GMT
5
video.gjirafa.com/bundles/hls/v/1/2/ Frame B21C 		336 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a0c6f6ebb96dd622346b5cdafd1293b1fbb7ab16cf832683fce4ea5ba42d74f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBEQbqsxc5lMs%2F6Pgi5ID0nACohPpGYRYIDsd3CSEe3UEBSYIuvgfXbyneHbMiLLRsRT2H7OilHIL%2FhvtyJY4H9AZG4QMb3uEZDPniL%2F0Z5bFznXY0yo88wsDXUNIDYbaMrb"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
cf-ray
779e02eded189125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Dec 2023 09:04:22 GMT
video
video.gjirafa.com/bundles/ Frame B21C 		382 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/bundles/video?v=c4HiLczb49L3revYUU6bjzDVtpkU-G6LPXidudpwhto1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
61a8d045249590c8d0bbd875b71dd1ca99ca480b1958c758e838bb10e57d0704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPQ7UVTIjYM30L%2FyE0D6uNAumD95EfK3VIO7EeF1iCoqhZdXea7g5BsEcYn5fPw5s%2Fdq6DBSZzKoXfW%2BKs1V1JNQG4d4xOUGvXf%2FGgqr4DFyNDe405tPq9lq%2B1NOeuRDPZy1"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, private
cf-ray
779e02eded1b9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Dec 2023 09:04:22 GMT
pica.js
telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6CD2 		20 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdf57dc6d88662cc2092ed4c6aa822d738c1a04d7a43963d7444d37d7fc08ed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qsmx%2BMwWLhed%2FMqGduByiulx%2FKQlRuqiSIvvAeP3KWxD92sIsxivLPWlSQ9mBOE9woFrvR2O7MLUNBydua%2BSwuIeUClazLhPZ0hy9HCXCclZ0rmX3QLx8vC9YTCN4Df4LwZxdnymEMuLHtK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
779e02ececd0926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sdk.js
connect.facebook.net/en_US/ Frame B21C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
62e7600cf62ddaa872464665f98e17f996fa842d0407bc5ff755d9cd4e2832ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 09:04:22 GMT
content-md5
MF/4YhTf8tSPmARv1E9u7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
xwNt7HbAl1S+42RF3CpjWXBHnRlkluO/tDG3hsk7pLEjltYZIw/8HrgO53fsB7QFmItJm5hUIxDZ45em3fXicg==
x-fb-trip-id
1679558926
x-fb-content-md5
35cc77c0f6c376e4f16d784488af3765
cross-origin-opener-policy
same-origin-allow-popups
etag
"a8a039b5d0a757203b4985b2f51e45fb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 15 Dec 2022 09:14:53 GMT
/
central.gjirafa.com/ Frame 3F59 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/
Requested by
Host: central.gjirafa.com
URL: https://central.gjirafa.com/js/ap-gjanout.js?v=2022121510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5d40c64fef8ed2234d505471d6d072b2c251fbb43ca6c2f83290033de9f2a5cf

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public,max-age=3600 private
cf-cache-status
DYNAMIC
cf-ray
779e02ee0d609125-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjLoyaeR4KiKWLtsJyrjjRip9pY7jxTwBOQXWhH0BUEZdk83MALGU4KsgL1GdBXsZoxN6LPxND103nCqkUOvEYW%2BzhG4Dio3%2BZ0ZP0qEFT%2BmtdXCup3Tj3q9K1uXyF2KYX6%2BD8Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame B21C 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://video.gjirafa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 16:15:31 GMT
x-content-type-options
nosniff
age
406131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 16:15:31 GMT
icomoon.ttf
video.gjirafa.com/fonts/playerIcons/ Frame B21C 		12 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/fonts/playerIcons/icomoon.ttf?1pnmru
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/Scripts/vpplayer/build/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d6e84a9f2656532891bbcba944f5125618cfa95a33fdeae7828e97cf21d4135c

Request headers

Referer
https://video.gjirafa.com/Scripts/vpplayer/build/style.css
Origin
https://video.gjirafa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 04 Dec 2022 00:42:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3125
etag
W/"0b79340797d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FapM7I8HNJuqa7jeruUhFcCO%2BgPKnyYU%2FOlM57Wy0UHYOdeLyQ85f5OiBcHZfuOXg9YzT%2BSu2vToUlCXLE%2Bd7LSVj258YKlis6AyRSzJSt8go9XI7cPy81LJSxgs2IOfuPw"}],"group":"cf-nel","max_age":604800}
content-type
application/font-sfnt
cache-control
max-age=14400
cf-ray
779e02ee1d6e9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gjirafagg.jpg
ub1doy938d.gjirafa.net/storage/images/channel/desktop/ Frame B21C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ub1doy938d.gjirafa.net/storage/images/channel/desktop/gjirafagg.jpg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ab3c68676b9be4e1e238ffe271e7e853518ff03e153f1d7c33b818381d7ac2fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:22 GMT
x-cache-op
HIT
x-amz-request-id
tx000000000000000670a76-00639953a2-2a882d-eu-west-1
age
0
x-cache
HIT
x-77-cache
HIT
x-amz-storage-class
STANDARD
x-gjcs-server
gjcs-leta-05
x-age
12779
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
12019
x-77-nzt
AdRmOMGHzWb/6zEAAA
x-accel-expires
@1671168683
last-modified
Tue, 13 Sep 2022 14:23:29 GMT
server
CDN77-Turbo
x-gjcs-cache
MISS
etag
"bb7d2ecfb612c05547da6936e0743710"
x-77-nzt-ray
UbxPIBAm01M
vary
Accept
access-control-allow-methods
GET, OPTIONS, POST
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=86400
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
logo-white.svg
video.gjirafa.com/Content/gjvideo/img/icon/ Frame B21C 		778 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.gjirafa.com/Content/gjvideo/img/icon/logo-white.svg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/Content/site?v=68ATcZ4R2ZLXozvCY1T_eXGR1QV6N8mUDzlLoedrdYE1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
be732037583d3de6f5cdf2e1d5511532fba2b1992dcfcb63af691e003c4f3730

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/Content/site?v=68ATcZ4R2ZLXozvCY1T_eXGR1QV6N8mUDzlLoedrdYE1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 04 Dec 2022 00:42:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2408
etag
W/"0b79340797d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNGTgpCiXC9NMU4gJ%2Fkxbq%2Be%2BJHEWoaLDkIA%2B0xvxkEh0bCzEXObXVd2HKmp0YKLz4fY6P0GvbQ0qSX53oHXjcJ83Ifz1lu9bDXfeg%2F5pnavTOgerCShfeypY9XXPXuUxqOh"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
779e02ee3da89125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
779e02ea5f2cbb83
telegrafi.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6CD2 		2 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/cv/result/779e02ea5f2cbb83
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671091200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gW9JUMrXpJyFysx4AGRfJdweJhVKXEOGDv4jceN%2Fw%2FeSesazHp1PhYVonxw%2BhsDqUhIWMu6oWG9vuBtWBjkau2Z56Jv4tjLM8YNvkOZ5mJ1n7BLgV0g%2BiMvWtp5W8AYJ2iqDylymDBOrOVQZ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
779e02ef3843926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wrapper.js
central.gjirafa.com/prebid/ Frame 3F59 		164 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/prebid/wrapper.js
Requested by
Host: central.gjirafa.com
URL: https://central.gjirafa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
28ac29e8f6e07dc30e6534e9f560c0460792299cee69ff7d2414936f4f837c47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://central.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162
cf-polished
origSize=194531
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"FovhN2uIBt5nMCyDO4DS5UpHLKg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQAqqUh2w08TNDTtcVWphD%2B4M6Nts18N0qIKZa1XU%2FJUSNLd8IKnILxQ7sA5c9kbiwWaUILuVp%2FhWNyWORbvHExd51v4745PWC9lgK5X4upyNBOsKJqQzDWPS9H5VUndvT7%2FJNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
779e02ef48339125-FRA
atrk.js
certify-js.alexametrics.com/ Frame B21C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding
gzip
Via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C2
Age
8492070
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
KXfNwf08P8WoOc9NIl9Eu834PvEPX8tjdJWXBWTmpbkM8RkNLt_voA==
atrk.gif
certify.alexametrics.com/ Frame B21C 		0
0
analytics.js
www.google-analytics.com/ Frame B21C 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 07:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6516
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 09:15:46 GMT
fbevents.js
connect.facebook.net/en_US/ Frame B21C 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Dec 2022 09:04:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
YFDmwqI67iyEQQCu4hPoEOom2F3GG7tzA6HrMnSqELj2jsZ22Pps+U0//CIJf9KYtqGxCzPDLNUejzmJp5g/fQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame B21C 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4a544d8973647d1bc790ee3ef167905f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
253520fdbceabc59878aeaea63329df314883d79606c8ba785698105775c448d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Origin
https://video.gjirafa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 09:04:22 GMT
content-md5
WhjOtlBQ3syD+lhA+HqPYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86982
x-fb-rlafr
0
x-fb-debug
7MbOKxww7hBCm4HRk1fgJCXObZoHiJoqzTQOlkTro2A7SYlQ4oNhkBzB8KFPitiKVrflPcPhbE+ZXAlU3/LeWA==
x-fb-content-md5
e5e06438a4ef6967f6ed931a8385ec03
cross-origin-opener-policy
same-origin-allow-popups
etag
"cf7794b6cb1f9223a0d8c4f9b618aefa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 06:58:35 GMT
/
tarantula.gjirafa.net/ Frame B21C 		0
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tarantula.gjirafa.net/?url=https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Requested by
Host: bisko.gjirafa.net
URL: https://bisko.gjirafa.net/web/gjirafa-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82372
x-cache
MISS
x-77-cache
MISS
x-gjcs-server
gjcs-silencer-ns3158641
x-region
lim3
alt-svc
quic="156.146.33.25:443"; ma=2592000; v="44,43,39"
x-77-nzt
AZySIRnoYFqR
server
CDN77-Turbo
x-gjcs-cache
HIT
x-77-nzt-ray
cf878727446b98b017e39a63e4eb3905
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLej2E8nlheHZkC%2BfbxUa%2FumrgjZf6kUqaLXAfwYke%2Bi0G2DFkPQh9AI67uv7ceMW%2Fom5glT4OmYhnj3QCKX5qfJo6fQlJ9o%2FuVq205HbmHOVzRuHFPvVoPP0HNnk5YEqklAxXtALH4N98U7ecY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
*
cache-control
No-cache
access-control-allow-credentials
true
x-gjcs-backend
UPR6WDHQ5Q_tarantulabiskogjirafatech_443
cf-ray
779627e1ef886919-FRA
access-control-allow-headers
Range, Authorization
348494715542935
connect.facebook.net/signals/config/ Frame B21C 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/348494715542935?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
49bb63a34137f5faebf2c307e25c4d723fcc1792090d8aad2bd904238c1c99aa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Dec 2022 09:04:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85861
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Ye4f902xvHDUSPyFr9T7iK6TsdzhG+ojbrCvoJewLYZjoEBkZlEsu/hYmF5ubF3wNJIC3A5SCt2iZPuQ64VHNA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
status
www.facebook.com/x/oauth/ Frame B21C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Ftelegrafi.com&client_id=339813706476261&input_token&origin=1&redirect_uri=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4a544d8973647d1bc790ee3ef167905f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 15 Dec 2022 09:04:23 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
jFrU7u+8U4aX6wtX6Gv12LGrHKpK5mcsCrAIa65yPiZRoKeOGVNc0v0/c8wtd++v8X68wa4nZiwRyyaiVfaz5Q==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://video.gjirafa.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame B21C 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=339813706476261&ev=fb_page_view&dl=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&rl=https%3A%2F%2Ftelegrafi.com%2F&if=true&ts=1671095063071&sw=1600&sh=1200&at=
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 09:04:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame B21C 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=348494715542935&ev=PageView&dl=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&rl=https%3A%2F%2Ftelegrafi.com%2F&if=true&ts=1671095063114&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&it=1671095063040&coo=false&rqm=GET
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 09:04:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
GetInfo
video.gjirafa.com/Video/ Frame B21C 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetInfo?videoId=95887
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=c4HiLczb49L3revYUU6bjzDVtpkU-G6LPXidudpwhto1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
73b5bd35c8eff72e7b37401c8a57fe5a3a1a98028a3c318a9f16446167474b9e

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-html-minification-powered-by
WebMarkupMin
date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYvq1ALYWmL3ua3CQa0zW6L6bAAGEMViqYWMbknzAgK8eLYodlU054Ruw%2BQELaa5OfngLYuO996hRorgv5uj8g2wTnNo7GZFJnS2kkogLvNkxUd7BkGGK8VrMCsLw3zj0L6t"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private
cf-ray
779e02f0eb859125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
portal
bisko.gjirafa.tech/ Frame 261A 		2 KB
940 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/portal
Requested by
Host: bisko.gjirafa.net
URL: https://bisko.gjirafa.net/web/gjirafa-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2620f32e95ff30963e5af9a9c3c8c07f62a4bbd76e59eaab7d735a693e96eb33

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
779e02f15d256916-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmJ0s0lF9QAxCMirY4Esg%2B%2BCS%2FF6K%2BcnG5HKxsu%2FgrDQ4bLY2azeOHMU8IYZm6Ijvibwsg%2F2iEDpXoNFuUILkBoFl1d6d0pCrFfHWDuHt0LoLO1y7k65TMjPke3fiKFtoS1lXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 168E 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8015
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 06:50:48 GMT
expires
Fri, 15 Dec 2023 06:50:48 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame B21C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Dec 2022 09:04:23 GMT
analytics.js
google-analytics.com/ Frame B21C 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=c4HiLczb49L3revYUU6bjzDVtpkU-G6LPXidudpwhto1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 07:12:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6685
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 09:12:58 GMT
GetPlayerRelated
video.gjirafa.com/Video/ Frame B21C 		785 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetPlayerRelated?videoId=95887
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=c4HiLczb49L3revYUU6bjzDVtpkU-G6LPXidudpwhto1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
64746889a72676c0988149b85d76f5c93395a84a71fb8f36a30129ccfb47d4ee

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4Unb38ezVrz8Q07xr1tlSAu3Ownm1Zz1JiUbTIUHKoE92Suu484LryChSKaGbnRj2f3O2nmIoySKVbLlF63Uy1QQd%2BwiPQjdyDSuZjE1sDbs3wqSFRXC%2FxORKRo9zZ9zTCs"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
779e02f17cc59125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
GetFloatingAds
video.gjirafa.com/Video/ Frame B21C 		3 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Video/GetFloatingAds?videoEntityId=416173
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=c4HiLczb49L3revYUU6bjzDVtpkU-G6LPXidudpwhto1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-html-minification-powered-by
WebMarkupMin
date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e6%2B9y5NVki96TILKKs74F4Q3OulRk9NXCVa5737XMDAJ%2FqdvK60ZFfwIqbyPZvIvKwpN8cfQJuZ%2BvlfJ37hbGShTNCub1VFegYaDT4OJBHsrlq9r4u%2FENeTGp26abs3uxse"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private
cf-ray
779e02f17cc69125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame B21C 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/video?v=c4HiLczb49L3revYUU6bjzDVtpkU-G6LPXidudpwhto1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 09:04:23 GMT
retina.jpg
ub1doy938d.gjirafa.net/media/zyk0zy/thumbnails/ Frame B21C 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/thumbnails/retina.jpg
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ad202eefd1cb3f93193dd6af1cc6c2b88de5e9da86d2c10aad2540d996998ea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:23 GMT
x-cache-op
MISS
x-amz-request-id
tx00000ea3cf38b66428b3a-0063999963-2a8998-eu-west-1
age
0
x-cache
HIT
x-77-cache
HIT
x-amz-storage-class
STANDARD
x-gjcs-server
gjcs-qeta-06
x-age
84404
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
78828
x-77-nzt
AdRmOMHyFnT/tEkBAA
x-accel-expires
@1671097059
last-modified
Wed, 14 Dec 2022 09:34:26 GMT
server
CDN77-Turbo
x-gjcs-cache
MISS
etag
"403c53c810d5ced4cbfe730e3959b7aa"
x-77-nzt-ray
Apn543evBLw
vary
Accept
access-control-allow-methods
GET, OPTIONS, POST
content-type
image/jpeg
access-control-allow-origin
*
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=86400
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
ping
bisko.gjirafa.tech/api/v1/events/ Frame B21C 		2 B
370 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/api/v1/events/ping
Requested by
Host: bisko.gjirafa.net
URL: https://bisko.gjirafa.net/web/gjirafa-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarypf5BrBRlLe6TCRhA

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FPM4dcN%2FrjOA2l3ad5BlkwPPEru3oQEblvBWhUPIDP%2FpGBenU6yFLt9NeaEBG0dHZSq3BRSfO7uo0otyjROYne%2BB0MPbIiH79%2BzkUCN3GSv8bsEzdhaZDKYXljEuj7Ec9%2FtTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://video.gjirafa.com
access-control-allow-credentials
true
cf-ray
779e02f20e4e6916-FRA
content-length
2
web
bisko.gjirafa.tech/api/v1/events/ Frame B21C 		72 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/api/v1/events/web
Requested by
Host: bisko.gjirafa.net
URL: https://bisko.gjirafa.net/web/gjirafa-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b3f27b38b91442bd4021a63fb1ef8ed0fae5f1c13bc00f45ce97a43689ccf061

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWoFCVuRZcewJtojctKlJDkZTB4p9JeI%2FZzdxEVm8uRRBBSE47aOXmQJslH5oLUvvtzWNIu7hygctZ98siqutTIrakhdmGoA0%2B0mHKkTZC0JyoW60OLCMEKSaXp3JeeAcULDqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://video.gjirafa.com
access-control-allow-credentials
true
cf-ray
779e02f2ca4a5c9e-FRA
web
bisko.gjirafa.tech/api/v1/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/api/v1/events/web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://video.gjirafa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://video.gjirafa.com
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
779e02f2595d5c9e-FRA
date
Thu, 15 Dec 2022 09:04:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aaI0XBvp2FRJaXJ7JeQ3fB3WOJ%2BFcMFE9swJHmQonjxUL2VH4vNJCglwlns6o0Nh%2FRD28tk1x3BA4%2FtKbHZAbzJe3mM67eVcx9L3HYTX2Bzvs8XqK%2BUz61x4jSaaoS6Rn1cTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
index.m3u8
ub1doy938d.gjirafa.net/media/zyk0zy/hls/ Frame B21C 		500 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/index.m3u8
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
7c07250452cb9087d382084ab3cf47ef0761c9765ed95382f096103382c43332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:23 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007c6394-00639a6083-2a882d-eu-west-1
age
0
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
31688
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
500
x-77-nzt
AdRmOMGKlOL/yHsAAA
x-accel-expires
@1671668175
last-modified
Wed, 14 Dec 2022 23:47:07 GMT
server
CDN77-Turbo
x-gjcs-cache
MISS
etag
"801a87f165f957c3f8103665db25df4d"
x-77-nzt-ray
ACVTA8Z6xnE
access-control-max-age
0
vary
Accept
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame B21C 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Thu, 15 Dec 2022 09:04:23 GMT
cast_sender.js
www.gstatic.com/eureka/clank/108/ Frame B21C 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/108/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 05:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15164
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 00:45:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 16 Dec 2022 05:31:26 GMT
index.m3u8
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		307 KB
308 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/index.m3u8
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
b7e1fedfafd106b7731be4d608f01d45b9b725afd6d5231cdb4183fcf17a7fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:23 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007caf9c-00639a64c6-2a882d-eu-west-1
age
12
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
32296
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
313927
x-77-nzt
AdRmOMH0vYr/KH4AAA
x-accel-expires
@1671667567
last-modified
Thu, 15 Dec 2022 00:05:23 GMT
server
CDN77-Turbo
x-gjcs-cache
HIT
etag
"92706f441a8bb5b66d92e0ad6d3d3955"
x-77-nzt-ray
nLzIijIO9wU
access-control-max-age
0
vary
Accept
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
negotiate
analyticsvideo.gjirafa.com/signalr/ Frame B21C 		391 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analyticsvideo.gjirafa.com/signalr/negotiate?clientProtocol=1.5&token=100xgq&connectionData=%5B%7B%22name%22%3A%22chathub%22%7D%2C%7B%22name%22%3A%22notificationhub%22%7D%2C%7B%22name%22%3A%22videohub%22%7D%5D&_=1671095062938
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=ESzVmpNGv_aDeciqJ96y8azOIur4IPtZQ8UNy-umB6k1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.68.155.202 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3129903.ip-51-68-155.eu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
60f1b66c39653e5ed61d1b2d076adca1307f2352d673345a180b4640abec3c3e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:23 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://video.gjirafa.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Expires
-1
gtm.js
www.googletagmanager.com/ 		210 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8f5d422fd4383d90bde3351c85b1612b0aba7558f645408eadfd783aaef708c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74712
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 09:04:23 GMT
html5player.js
s1.v-player.net/player/stable/ 		1 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.v-player.net/player/stable/html5player.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Ternopil, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
6463627134cc4c1d4a2a6074dbc030929369ce6c318ada0e3f246f3b6f806828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 11:41:16 GMT
Server
nginx
ETag
W/"5f8eccdc-4f5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Connection
keep-alive
Expires
Sat, 16 Dec 2023 09:04:23 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 07:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6517
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 09:15:46 GMT
c.html
cdn.admixer.net/scripts3/51428/ Frame 3AD4 		738 B
587 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Thu, 15 Dec 2022 09:04:23 GMT
etag
W/"6375fd72-2e2"
expires
Wed, 29 Nov 2023 15:24:58 GMT
last-modified
Thu, 17 Nov 2022 09:22:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-11-28T15:24:58+00:00
x-id
fr5-up-gc33
a21031c0f6a0994b3314.b.js
scripts.futureads.io/scripts3/51428/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:56 GMT
server
nginx
etag
W/"6375fd70-5d41"
vary
Accept-Encoding
x-cached-since
2022-12-13T04:11:49+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Wed, 06 Dec 2023 04:11:03 GMT
0a75d04ce9f53a1a35b6.b.js
scripts.futureads.io/scripts3/51428/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:47 GMT
server
nginx
etag
W/"6375fd67-12c39"
vary
Accept-Encoding
x-cached-since
2022-12-13T04:11:49+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 14 Dec 2023 04:11:49 GMT
tag-manager.runtime.js
cdn.admixer.net/analytics/ 		1 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.runtime.js
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
443b49ef5776a0321e1541a0fc0ac6269604b2d4bbb101ab1c4e2be74748141a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
last-modified
Fri, 25 Nov 2022 21:03:46 GMT
server
nginx
etag
W/"63812db2-56d"
vary
Accept-Encoding
x-cached-since
2022-12-13T04:24:56+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
expires
Thu, 14 Dec 2023 04:24:56 GMT
tag-manager.js
cdn.admixer.net/analytics/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dmpcnt.js?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
35a7dac037fe8e2beadabc54cea5efa7fc666cefcfc38a4c39b9d967c66f811e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
last-modified
Fri, 25 Nov 2022 21:03:46 GMT
server
nginx
etag
W/"63812db2-710d"
vary
Accept-Encoding
x-cached-since
2022-12-06T15:46:32+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
expires
Thu, 07 Dec 2023 15:46:32 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 07:59:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Dec 2023 07:59:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		412 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=telegrafi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45c6cab14c40f1cf7d05444d73a6ca20440de692dde61be8425e632b1036a52f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165
x-xss-protection
0
expires
Thu, 15 Dec 2022 09:04:23 GMT
collect
region1.google-analytics.com/g/ 		0
336 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VLYQGEH6F0&gtm=2oebu0&_p=710314533&cid=990110800.1671095064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671095063&sct=1&seg=0&dl=https%3A%2F%2Ftelegrafi.com%2F&dt=Lajmet%20e%20fundit%20-%20Telegrafi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VLYQGEH6F0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1671010518350.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010518350.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d2599472057f7948c9bca5271dab5e14b12df9f56e5c82f2d9bae355200f3da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:23 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007cb012-00639a64ca-2a882d-eu-west-1
age
3
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
32295
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
2258444
x-77-nzt
AdRmOMEJmcz/J34AAA
x-accel-expires
@1671667568
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
HIT
etag
"d9aae58138e14abd29ada80dea1f1f66"
x-77-nzt-ray
6gCN+9KV/D4
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 05:31:18 GMT
x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
12786
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
29QCe2X8wAOGxmhJT8Qz2MXC52ovPaxgaTO3zxzPVhO_N9sBVC40lA==
projectagora.min.js
aghtag.tech/libs/ 		297 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghtag.tech/libs/projectagora.min.js
Requested by
Host: pahtuo.tech
URL: https://pahtuo.tech/c/telegrafi.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:81b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d24911150a4799bd44093e6b1f657b908faa4e83ecc3bb8b1a05c7086dc6a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
W1BB0C6H870Q5F2T
age
6463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
88966
x-amz-id-2
UAQex1UlDNp99IDYrY/i114vaQaIKbdqJCaSEUdcBj0jdueL6jwyRYlmmDISdJzG3PnIaFuFOEiJBkg51F3QaQ==
last-modified
Wed, 23 Nov 2022 15:08:19 GMT
server
cloudflare
etag
"e55b32a563b2c91d9c73b854188caa72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaKrDUpy4dC2N%2Fh6A164H3gB8GXlbaZ1BTWj3wUyk%2FVbhJExwHnRdf97foBwuVpP71%2BsjiNI8eiy6xK2sSysFCuwBm6TTpzO8NT5r1E7sEnDEcofZe0rHStMURGdzzKLVmiZB4c0T1GPWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
779e02f3fae4bb4a-FRA
choice.js
quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/cmp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1dcafbe9407c301261985c3dfb80d73966d57e2bb5d67de978222cb8765e17d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Wed, 10 Feb 2021 16:33:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
13
x-amz-server-side-encryption
AES256
etag
W/"992ab8620dedf1f62286c67a7661e59a"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
1yjUgtQaXg-XVZ_j4kzXYTTLHHwiCRrqiJbQWxwFC7n78Z_5oUhhhA==
loader.js
cdn.taboola.com/libtrc/telegrafinetwork-telegrafi/ 		300 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/telegrafinetwork-telegrafi/loader.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
058c87f17dd9683d9508757d18026665dbd2a4887ab6b63a217a5fb18fc7297c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
gasKWoLoKb69Pk_l9r9CslrUdeJNmESA
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 09:04:23 GMT
x-amz-request-id
N810G5SDQZBX054M
age
14
x-cache
HIT
content-length
28749
x-amz-id-2
YY+8RXdVAZQUC17S7cbGy8tkmiz5US6+YgDnFkLl0pLUJQO6Ra8dXztgjHbuznUineNXmp7vJ1o=
x-served-by
cache-hhn-etou8220052-HHN
last-modified
Tue, 13 Dec 2022 16:10:31 GMT
server
AmazonS3
x-timer
S1671095064.682717,VS0,VE3
etag
"f3f94446b55fd9beadb4dc87f2c9439f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
js
www.google-analytics.com/gtm/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MTCHQ67&cid=990110800.1671095064
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
47f2db4c76ec313bef91bbe4d279974190d78801ddc88831e102c3c9d5382f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44046
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 09:04:23 GMT
/
www.facebook.com/tr/ Frame B21C 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=348494715542935&ev=Microdata&dl=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&rl=https%3A%2F%2Ftelegrafi.com%2F&if=true&ts=1671095063640&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Gjirafagg%20-%20CCT%20South%20Europe%20Series%20%232%20Play-in%20Stage%20-%20GjirafaVideo%22%2C%22meta%3Adescription%22%3A%22Gjirafa%20is%20the%20GRID%20partner%20in%20organizing%20the%20Champions%20of%20Champions%20Tour%20%E2%80%93%20South%20Europe.%20South%20Europe%20includes%20(1)%20Albania%2C%20(2)%20Bosnia%20%26%20Herzegovina%2C%20(3)%20Bulgaria%2C%20(4)%20C%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Gjirafagg%20-%20CCT%20South%20Europe%20Series%20%232%20Play-in%20Stage%20-%20GjirafaVideo%22%2C%22og%3Adescription%22%3A%22Gjirafa%20is%20the%20GRID%20partner%20in%20organizing%20the%20Champions%20of%20Champions%20Tour%20%E2%80%93%20South%20Europe.%20South%20Europe%20includes%20(1)%20Albania%2C%20(2)%20Bosnia%20%26%20Herzegovina%2C%20(3)%20Bulgaria%2C%20(4)%20C%22%2C%22og%3Atype%22%3A%22video.other%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fub1doy938d.gjirafa.net%2Fmedia%2Fzyk0zy%2Fthumbnails%2Fretina.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22640%22%2C%22og%3Aimage%3Aheight%22%3A%22360%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fvideo.gjirafa.com%2Fgjirafagg-south-europe-play-in-1%22%2C%22og%3Asite_name%22%3A%22GjirafaVideo%22%2C%22og%3Alocale%22%3A%22sq-AL%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&it=1671095063040&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 09:04:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42744:uniques_instantly[url:%2F,domain:telegrafi.com,page:Lajmet%20e%20fundit%20-%20Telegrafi,page_type:main,language:sq,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36,device:desktop,browser_version:Chrome%20108,browser:Chrome,depth:1,user_type:new,user_id:c5ca8b842.35177b262_1671095063692,session_id:cc066e79b.ade562a9e_1671095063693,cdn_version:16]&s=32beca58aa16265a6b5b96b238fd99e0&1671095063697
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.112.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:23 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42744:visits_instantly[url:%2F,domain:telegrafi.com,page:Lajmet%20e%20fundit%20-%20Telegrafi,page_type:main,language:sq,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36,device:desktop,browser_version:Chrome%20108,browser:Chrome,depth:1,user_type:new,user_id:c5ca8b842.35177b262_1671095063692,session_id:cc066e79b.ade562a9e_1671095063693,cdn_version:16]&s=32beca58aa16265a6b5b96b238fd99e0&__io=c5ca8b842.35177b262_1671095063692&1671095063701
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.112.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:23 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42744:pageviews[url:%2F,domain:telegrafi.com,page:Lajmet%20e%20fundit%20-%20Telegrafi,page_type:main,language:sq,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36,device:desktop,browser_version:Chrome%20108,browser:Chrome,depth:1,user_type:new,user_id:c5ca8b842.35177b262_1671095063692,session_id:cc066e79b.ade562a9e_1671095063693,cdn_version:16]&s=32beca58aa16265a6b5b96b238fd99e0&1671095063704
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.112.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:23 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
ht.json
tt.onthe.io/DqfniW44qMqs/ 		345 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/DqfniW44qMqs/ht.json
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.115.112 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.112.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
8e8903ce6ab9ecc7b5d141870ed5b2b16d9991da806948e6205811dc40301d5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:23 GMT
Last-Modified
Wed, 14 Dec 2022 21:59:30 GMT
Server
nginx
ETag
"639a4742-159"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
345
Expires
Thu, 01 Jan 1970 00:00:01 GMT
izooto.js
cdn.izooto.com/scripts/sdk/ 		239 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/b3bda2c1959a528ce1dc87b77391f300e4e01317.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37752caee00abaef41c9735eda4971c65b1923d37c6aa916fc222ca20bca028e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 06 Dec 2022 12:49:07 GMT
server
cloudflare
age
764057
etag
W/"638f3a43-3bb8e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
779e02f44d7c91e7-FRA
x-xss-protection
1; mode=block
expires
Sun, 15 Jan 2023 09:04:23 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
62e7600cf62ddaa872464665f98e17f996fa842d0407bc5ff755d9cd4e2832ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 09:04:23 GMT
content-md5
MF/4YhTf8tSPmARv1E9u7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
xwNt7HbAl1S+42RF3CpjWXBHnRlkluO/tDG3hsk7pLEjltYZIw/8HrgO53fsB7QFmItJm5hUIxDZ45em3fXicg==
x-fb-content-md5
35cc77c0f6c376e4f16d784488af3765
cross-origin-opener-policy
same-origin-allow-popups
etag
"a8a039b5d0a757203b4985b2f51e45fb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 15 Dec 2022 09:14:53 GMT
futureads.js
serving.stat-rock.com/player/ 		312 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/futureads.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
119a4c9e48102442e423807a8b795c8730e0d633536461a917af841ecc15faf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 11:51:09 GMT
server
nginx
etag
W/"638ddb2d-4e016"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
web-vitals.iife.js
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2533284
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GHZ0GEXYW2MFRD5HR5XNSGD7-fra
server
cloudflare
etag
W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
779e02f52e44913a-FRA

Redirect headers

date
Thu, 15 Dec 2022 09:04:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GMAG3WDQ6TQ4AEJ1GCWQ3MXS-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
336
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
779e02f4ad4b913a-FRA
dmpcnt.js
ads.futureads.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpcnt.js?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
dff2c1ab9d71eb52fb90d29a5d3df7171900d6fb33373ba74c71ca7fa8d9de35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:23 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Content-Type
application/javascript
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6f07829bef22970e4804764f38f845b1a2068640f6b28e07e606f4a3c67986f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76289
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 09:04:23 GMT
213794966
fundingchoicesmessages.google.com/i/ 		113 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e458fc06a6d53815902b8a54e694987d11caac86f6561e8877b404c131dac1a5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NPSuhbOGlYRx-7LeQAmVFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-NPSuhbOGlYRx-7LeQAmVFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cntcm.aspx
ads.futureads.io/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=bc09e2fd-d1e8-434e-b234-109564911de1&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&pv=1&referrer=&page=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://telegrafi.com
Date
Thu, 15 Dec 2022 09:04:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
dmpapxl.aspx
ads.futureads.io/ 		43 B
462 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpapxl.aspx?cntoid=b1c6b850-d671-4b42-ad56-9bafbee994c0&page=telegrafi.com%2F&referrer=&page=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
adx.js
s1.adform.net/banners/scripts/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx0000076a8f526c24b943b-00637b6785-329373d4-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
c1e9d8334ba54d4baddb27e81eb37356
bisko.gjirafa.tech/api/v1/segments/ Frame B21C 		70 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/api/v1/segments/c1e9d8334ba54d4baddb27e81eb37356
Requested by
Host: bisko.gjirafa.net
URL: https://bisko.gjirafa.net/web/gjirafa-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c4f509c666f64e0f510df4c52cf80861f27f6587ed47d2b9d2424f8f4f2e70d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7WD1sifN7NBiu8tGlqV1xuZjb0Hj5Q8E8byfpFr5JfX%2BeEhzZA6HLcI6%2BwFU06dpbxvA9hx2IxaMqR6keYT9EvNegB4mOsoI0Z3elW2ML0ZutJYnJ36XqxEK8eHwToxgfqhJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://video.gjirafa.com
cache-control
private
access-control-allow-credentials
true
cf-ray
779e02f4ae205c9e-FRA
bfbdb82f-bb37-4f05-9cc0-a7a92a4c31da
https://video.gjirafa.com/ Frame B21C 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://video.gjirafa.com/bfbdb82f-bb37-4f05-9cc0-a7a92a4c31da
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3416f0b3c596d165e72106ace8bee89ba24b138552c113f8004a58b77a13d9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
86157
Content-Type
text/javascript
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:23 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Dec 2022 09:04:23 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/5DC2nemX4YAUu/telegrafi.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:30:04 GMT
content-encoding
br
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
2060
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 10 Nov 2022 18:23:42 GMT
server
AmazonS3
etag
W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
PKlEN56YvMVCnoLVzK1teSyQ0s2u25Kp73zbsPWUtBAzXwBSi9QdXg==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=710314533&t=pageview&_s=1&dl=https%3A%2F%2Ftelegrafi.com%2F&ul=en-us&de=UTF-8&dt=Lajmet%20e%20fundit%20-%20Telegrafi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KCDAAEADQAAAACAAI~&jid=754165578&gjid=1961392901&cid=990110800.1671095064&tid=UA-2976507-1&_gid=267557253.1671095064&_r=1&_slc=1&z=743702931
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20221213-28-RELEASE.js
cdn.taboola.com/libtrc/ 		697 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/telegrafinetwork-telegrafi/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Lrl1e2Aw8HzCg9OgpbTX6ln5I5_T3ZPx
content-encoding
br
via
1.1 varnish
date
Thu, 15 Dec 2022 09:04:23 GMT
x-amz-request-id
KVJN73AKCDP1590T
age
5338
x-cache
HIT
content-length
147906
x-amz-id-2
il2fn2xAjbbgcxwwDSvYEZDLB7FPnaacErobol09BwmCWl1ywsN8l8CETmbcF2Q5aseD2ifknHI=
x-served-by
cache-hhn-etou8220052-HHN
last-modified
Tue, 13 Dec 2022 15:34:28 GMT
server
AmazonS3-br
x-timer
S1671095064.822155,VS0,VE0
etag
"a4495474400267464c5d5703cfb4ef74"
vary
Accept-Encoding
content-type
application/javascript
abp
49
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
20404
es6_452a4b73fdc057ec6747.js
s1.v-player.net/player/stable/ 		916 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.v-player.net/player/stable/es6_452a4b73fdc057ec6747.js
Requested by
Host: s1.v-player.net
URL: https://s1.v-player.net/player/stable/html5player.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Ternopil, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
9a01cf7070ca19a8f1c9c0539792449682d92dd5e57cf56609bf706364355f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 11:41:13 GMT
Server
nginx
ETag
W/"5f8eccd9-e4f0e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Connection
keep-alive
Expires
Sat, 16 Dec 2023 09:04:23 GMT
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4a544d8973647d1bc790ee3ef167905f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
253520fdbceabc59878aeaea63329df314883d79606c8ba785698105775c448d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://telegrafi.com/
Origin
https://telegrafi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 09:04:23 GMT
content-md5
WhjOtlBQ3syD+lhA+HqPYg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86982
x-fb-rlafr
0
x-fb-debug
7MbOKxww7hBCm4HRk1fgJCXObZoHiJoqzTQOlkTro2A7SYlQ4oNhkBzB8KFPitiKVrflPcPhbE+ZXAlU3/LeWA==
x-fb-content-md5
e5e06438a4ef6967f6ed931a8385ec03
cross-origin-opener-policy
same-origin-allow-popups
etag
"cf7794b6cb1f9223a0d8c4f9b618aefa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 06:58:35 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame BBB5 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
1023699
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
779e02f4fed191e7-FRA
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 09:04:23 GMT
expires
Sun, 15 Jan 2023 09:04:23 GMT
last-modified
Tue, 05 Apr 2022 12:00:20 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GGFDBX585G&gtm=2oebu0&_p=710314533&cid=990110800.1671095064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671095063&sct=1&seg=0&dl=https%3A%2F%2Ftelegrafi.com%2F&dt=Lajmet%20e%20fundit%20-%20Telegrafi&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2976507-1&cid=990110800.1671095064&jid=754165578&gjid=1961392901&_gid=267557253.1671095064&_u=KCDAAEACQAAAACAAI~&z=1375361299
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Dec 2022 09:04:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203c:2000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8208d620893b885a91778378cf304bd40c73decf639ee1ec487e91804907ecbf

Request headers

Accept
application/json, text/plain, */*
Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:42 GMT
x-amz-version-id
KZ_abct9fxSnQsZ4cInZdlEfLgTLD6XT
content-encoding
br
via
1.1 3dd1b09eec76c0aa4f9a7b74344d67b2.cloudfront.net (CloudFront)
x-amz-cf-pop
SOF50-C1
age
21823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 30 Nov 2022 19:52:29 GMT
server
AmazonS3
etag
W/"8980f3096e8d1a15cdb9518354d546f7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
8HpNUMlhH_zHy0Nt26haIzy4gD-98wbBpLsv_KQie5fUdd0UgzLQpw==
start
analyticsvideo.gjirafa.com/signalr/ Frame B21C 		25 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analyticsvideo.gjirafa.com/signalr/start?transport=webSockets&clientProtocol=1.5&token=100xgq&connectionToken=kj395%2BBYY9O4X5gkKEIYM0h0dF4LDIuRVQOua3BLEwSzq3%2FznvCynTHiyD1Mzq0q9ixdBOi4DqW4S9Zmvc%2FwDkxZlYhy8jOV5JRn82tz46BzKxKApaYm3t6WPFKnIPCi&connectionData=%5B%7B%22name%22%3A%22chathub%22%7D%2C%7B%22name%22%3A%22notificationhub%22%7D%2C%7B%22name%22%3A%22videohub%22%7D%5D&_=1671095062939
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=ESzVmpNGv_aDeciqJ96y8azOIur4IPtZQ8UNy-umB6k1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.68.155.202 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3129903.ip-51-68-155.eu
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:23 GMT
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://video.gjirafa.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Expires
-1
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2976507-1&cid=990110800.1671095064&jid=754165578&_u=KCDAAEACQAAAACAAI~&z=510154359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2976507-1&cid=990110800.1671095064&jid=754165578&_u=KCDAAEACQAAAACAAI~&z=510154359
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PageView
bisko.gjirafa.com/tr/ Frame B21C 		68 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/PageView?guid=75fcad9c44b54a429d01fb51e13d7d3262ff5352325b4ab38c9c337055fed969&sd=4dbfeaa91c44468ab85fbc15379412e7&t=1671095063965&v=5.1&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&c[0].name=Gjirafagg%20-%20CCT%20South%20Europe%20Series%20%232%20Play-in%20Stage&c[0].e[0].k=live&c[0].e[0].v=false&c[0].e[1].k=showSeries&c[0].e[1].v=Play%20in&c[0].e[2].k=showName&c[0].e[2].v=GjirafaGG%20&c[0].e[3].k=hostName&c[0].e[3].v=GjirafaGG%20&c[0].category=Gaming%2CT%C3%AB%20tjera%2CSport&c[0].id=95887&c[0].type=video&c[0].e[4].k=loggedin&c[0].e[4].v=false&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgfj62MqEVNBVbJamqMaO0im1wJ4ijCgdP1OaEeh4Yti%2FQCQFn8tMDDHP6Ibhix1H4RszVbG6ZXh7zM9lTSe8lOYNJqWg%2B%2B4I3%2F7zvwpKHTEmxFD0%2BM5Z29MM51zh0pk%2FoFz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
779e02f5eab191ef-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
rules-p-5DC2nemX4YAUu.js
rules.quantcount.com/ 		160 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-5DC2nemX4YAUu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2b4bddd4ea8931a57581de87a1a5a66c121e52c42040e234f505b4c53e82888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 08:57:54 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
395
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 06:34:56 GMT
server
AmazonS3
etag
"ab6dbb73b8380397603a6bf0ff57e000"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
4L-nzpMiBE62M2ZR3CLng1H2N_VmQD1v5_YAGjpO0p44aduug6gX2w==
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=220167648175857&input_token&origin=1&redirect_uri=https%3A%2F%2Ftelegrafi.com%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4a544d8973647d1bc790ee3ef167905f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 15 Dec 2022 09:04:24 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
QW7XTAx0/SWsxiKHReIrmE+4Ccuu3Gf6ZBKJsn4pyW7gYQ9cVpkHL5PHI0WIvmr9LpJ5Trz1rUb1G7q2x6LKxw==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://telegrafi.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=220167648175857&ev=fb_page_view&dl=https%3A%2F%2Ftelegrafi.com%2F&rl=&if=false&ts=1671095063998&sw=1600&sh=1200&at=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 09:04:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
tag-manager.js
cdn.admixer.net/analytics/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dmpcnt.js?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
35a7dac037fe8e2beadabc54cea5efa7fc666cefcfc38a4c39b9d967c66f811e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Fri, 25 Nov 2022 21:03:46 GMT
server
nginx
etag
W/"63812db2-710d"
vary
Accept-Encoding
x-cached-since
2022-12-06T15:46:32+00:00
content-type
application/javascript
access-control-expose-headers
content-range
cache-control
max-age=31622400
cache
HIT
expires
Thu, 07 Dec 2023 15:46:32 GMT
dmpapxl.aspx
ads.futureads.io/ 		43 B
462 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpapxl.aspx?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&referrer=&page=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=25
Expires
Wed, 21 Oct 2015 07:28:00 GMT
cntcm.aspx
ads.futureads.io/ 		0
240 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=ca106e6e-5933-44a6-8506-1ca41a81459f&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&pv=1&referrer=&page=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://telegrafi.com
Date
Thu, 15 Dec 2022 09:04:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
log.js
u.heatmap.it/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/log.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 04:13:36 GMT
content-encoding
br
last-modified
Sat, 19 Nov 2022 08:38:34 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"6378960a-6b2b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3600
x-cdn-pop
sbg
accept-ranges
bytes
content-length
10532
x-request-id
664371414
expires
Tue, 13 Dec 2022 05:13:36 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Dec 2022 09:04:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
YFDmwqI67iyEQQCu4hPoEOom2F3GG7tzA6HrMnSqELj2jsZ22Pps+U0//CIJf9KYtqGxCzPDLNUejzmJp5g/fQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
breaking-news.json
telegra.fi/storage/ 		306 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/breaking-news.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d0ccfb1930b45a4ce93afa927532438d6aa370c3429d603f58363e595976cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 14 Dec 2022 10:07:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6399a07d-132"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BaZJWbAtCEwV5lB4Ps28FsW94MGpewZs9k55LwAbg1KHY5gk3sRZrVcjB2%2BKHqBIIR1NwtDjWCchCsJISTXDyq9m2LPKvzg%2F6hzSdDzDlL0wEXH8%2BHZ5iGqH7r4SIybjxksQ7hzMFub"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e02f6be57faea-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
all.json
telegra.fi/storage/trending/daily/ 		527 KB
131 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/daily/all.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84b92908af048658067ce5b3a32e6b075c8665c865beab04c5e01198c3fa72ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 23:03:27 GMT
server
cloudflare
etag
W/"639a563f-83abf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9UvozDShbTUEqq2mhf7TBsKzx5c65YjCVE0SKU%2FDO2Ew%2BSZFPaeFXt0ZGUfKtUQGvGImoA9j%2BSFyj1I8IgqQWiaSsbOr00HObYrEYZZi1IUbMCfc2beMkXNILUIKbcKXxHbIFvQqt0i"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e02f6be5afaea-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame B21C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221215
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/lib?v=Z6qPw5yL3uTQpoB3EKAVYlXBn75ceS7sTAa5Agbx60s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18205
x-jsd-version
1.0.1556
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4577-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-7f8qDY2VEq3Tg9Q/RU9Vxgw1xIU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc08L72RJXJ1yKiADL694aY1TE7EBvGRVBf%2BjnDJc41E0VMmjMRXluTv4AqllGuzy3nLH%2BNZFhZi1xrPCExVt6sSMK99DdGIcncw3cJSbvdpW16cSKjiKtV%2BlzLQXlS%2FPwTBjgYoNV%2BrhSavYS8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
779e02f708a39274-FRA
bid
central.gjirafa.com/ Frame B21C 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://central.gjirafa.com/bid
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/lib?v=Z6qPw5yL3uTQpoB3EKAVYlXBn75ceS7sTAa5Agbx60s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTlBdyW3QNhsX9eN3eoOGSJUxDa49dPuuAOZhSdKdWrMrk%2BV1z34ZF7zFWkLxEXrxwX3P29CEAQTuizhkghybFgPbvBLiFrumPlxXfR3PvZ3D9rQyhdGAsCu4UK%2Fk4nx65quQ%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://video.gjirafa.com
access-control-allow-credentials
true
cf-ray
779e02f6c8249125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
cmp2ui-en.js
cmp.quantcast.com/tcfv2/45/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 10:31:42 GMT
content-encoding
br
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
167563
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 10 Nov 2022 18:23:24 GMT
server
AmazonS3
etag
W/"39d0cac7e548f81f1e1e1c36db3c775e"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
Npo_1a6FanMKFVMNyJ47aHKk8VcbYZlVYW7215XuNZ1LZzpY3i9yRw==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		350 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=telegrafi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be4ccf6f0f6b7abd06c20fafd905b6f0a4b0bc521a9189ec1fe19eb38dcd9582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:38 GMT
content-encoding
br
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
21826
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 15 Dec 2022 03:00:33 GMT
server
AmazonS3
etag
W/"f4313acb56a2e62fd3bead72cb60cc84"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
NJ-E7njk61y2eSLfNV2DSR3J-BdQhhe49M8H8URUINyjTAYj2JEhew==
cntdata.aspx
ads.futureads.io/ 		48 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntdata.aspx?query=visitorid&containeroid=2cf8f785-be88-4b95-9c42-2572462cb580&referrer=&pageurl=https://telegrafi.com/
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
1449338e293b530a4f6e0b8000041e8065aaa7cbe77c5517fd51a77bbcc4101f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://telegrafi.com
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
260833360772983
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260833360772983?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0c2fd316d98b565311b9610e8b7855897e15c37718a91a4c997419476f2719b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Dec 2022 09:04:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86004
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pCry1VcfF2/SGur3YGUu5TFkLBfjrFnVlGcAzkkEytfvUgY/vnUgvm1kr9cQ+Xu2ZusghXWeglpovszWkPR+bA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
invisible.js
telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 6CD2 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671091200
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1f513937d70e994867129a0c9ad33b6110b85e72472938655ccf7c980f7fa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QsOvy%2FmmCc1kyF%2FyNORbi7cw6jF9VJ8tRw%2BLKcQJEszFIceEpA4zJ1evj%2Fg6SXPCbRqYIdsi0emVRY8TYsw1nPYav3hAsScpS3%2F4Tn%2Fvxt5zECLOLcO3ajOU03%2BmBWc7EQzJTpvGWy1XKKc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
779e02f74e0e926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		52 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5d7077a30dfc7c91cff8cdb8af3b8db14ac790cf886d6127c2b4f63648cfa3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
telegrafi.com.js
u.heatmap.it/conf/ 		42 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://u.heatmap.it/conf/telegrafi.com.js
Requested by
Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5a001026a742c5e6f68c2a6a9ccf596bf388714ad22db31bb78bd7c55d68d540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:10 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
content-type
text/javascript;charset=UTF-8
cache-control
max-age=300
x-cdn-pop
sbg
accept-ranges
bytes
content-length
47
x-request-id
22873004
expires
Thu, 15 Dec 2022 09:09:10 GMT
konate-messi-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/konate-messi-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba13bc8504c827c0d0e1ae7befe2610bbeb05ec46ec41e673b18fab5e3481255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1987
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18682
pragma
public
cf-bgj
h2pri
last-modified
Thu, 15 Dec 2022 08:06:01 GMT
server
cloudflare
etag
"639ad569-48fa"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AapQk7LF0uXCerd%2BEFPPD4qiz2bg2bdKLBXs2wCeCHd%2F5WUe6fHr9jsBSlSSqI0eJt1M27aBAzLHcNmTFwLquy8BaqGW0AOttU2zQS4TeLIcSKzDGljqXEoRAeu2T0wr1ctiaEkfRjkWDSkf"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02f7cedf926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 15 Dec 2023 08:30:20 GMT
PDK-dhe-Mediat-foto-Ridvan-Slivova-380x233.jpg
telegrafi.com/wp-content/uploads/2022/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/06/PDK-dhe-Mediat-foto-Ridvan-Slivova-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951c3b22ff10307ef143d4c47b0939bc203173fdfe0b3bd5f2be34f2551cf0f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1768
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8897
pragma
public
cf-bgj
h2pri
last-modified
Sun, 05 Jun 2022 12:39:55 GMT
server
cloudflare
etag
"629ca41b-22c1"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjVMh1BH3pvEbGwYPfyy6eBS60hSfFNkO2qNTm6C7OIasE%2BT44M0FuZzl2RS9KRpm3xIs9zERkuDze8k9jwIdWqXC6UO4UzlY113%2BSWI%2B2lIoTY9adULB%2FkybXTl1WWi87tnSnr4FMvotG80"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02f7cee2926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 15 Dec 2023 08:31:29 GMT
Flamuri-i-Kosoves-dhe-i-BE-se-foto-Ridvan-Slivova-03-780x439-1-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Flamuri-i-Kosoves-dhe-i-BE-se-foto-Ridvan-Slivova-03-780x439-1-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c9901542e5995d35db995bc7c8e55e0712e91c8adc01f49c53806d7c9504b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5845
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20483
pragma
public
cf-bgj
h2pri
last-modified
Thu, 15 Dec 2022 07:24:12 GMT
server
cloudflare
etag
"639acb9c-5003"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bionIL7Yg798v1r2ryDF%2FLt1PPrOs%2FrKeA1E1bEy0pcYTvNw0GpHeJ%2BcMEY77n%2FWpYI7TjP%2BeBBOnrs5731TeMwwMknljok%2BfA1evYc35Q11Xru1yo0Pc6M3o8SXkr%2BXWKLPkulIZM9rP0xl"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02f7cee4926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 15 Dec 2023 07:24:50 GMT
1-95-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/1-95-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6cd1e0bcd667e49b66328e644330d83b53339dca84edecbb914bfd9e4964ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5862
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25938
pragma
public
cf-bgj
h2pri
last-modified
Thu, 15 Dec 2022 07:26:06 GMT
server
cloudflare
etag
"639acc0e-6552"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=By0J8jmBrYRaYE2299Q3DToXHjQN5p3jOAtxb9Vp0yo6N6MPWCZkNQdu%2BwpyekdMbNKDbfCJd1e5vYolMTmrx3DEdRP%2BBFGL3t5154sAGBzlTzZOwA6r6PfDgYYkypGz8atcNI93PW2mPRpp"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02f7cee5926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 15 Dec 2023 07:26:26 GMT
PR-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/PR-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
056fd1d4b77d12316fc14a6ad64a78a3db47e719680fc01930aa89ad5bd385b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
916
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35426
pragma
public
cf-bgj
h2pri
last-modified
Thu, 15 Dec 2022 08:46:49 GMT
server
cloudflare
etag
"639adef9-8a62"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zc%2Bam9UN0FcgFMWO4EzT9sV69uNiwtlbiyWf3bVvHCgyeTDEma%2FGQY2uCoR4AIFwB5dg2CkX1zKKdg8d3BOD3k1wFkh7khMbnmg2Un5kBd%2BcnejrtxJKtjTkANBI%2BBKCjIKUHD5G9368xOkb"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02f7cee6926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 15 Dec 2023 08:47:47 GMT
/
adx.adform.net/adx/ 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=3&pv=1&bWlkPTM5OTQ2MQ&url=https%3A%2F%2Ftelegrafi.com%2F&callback=_adform_cb_1671095064311_32064292741246736
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b752cb4976e7ec23d80599b209396750d2abfabe766bdbae74edc2a1461a1d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
dsp.aspx
ads.futureads.io/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=7595495926019220&cpv=525b034c-93f9-e060-7080-5362f1e2a625&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%221ddaabda-299e-e351-0248-b06c9ae39162%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22223fb575-3729-9d1f-82ee-972f896a6e79%22%2C%22tagid%22%3A%22cae5915e-c058-46c1-bc6a-f1347266ceff%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_cae5915ec05846c1bc6af1347266ceff_zone_97654_sect_37317_site_31670%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
2c6b82d79ce5ea42664dd6536b0e1736918d39c1eb5787036eab80e957cfd47a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
3590
X-Xss-Protection
0
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260833360772983&ev=PageView&dl=https%3A%2F%2Ftelegrafi.com%2F&rl=&if=false&ts=1671095064332&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671095064332.903140669&it=1671095064153&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 09:04:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%225DC2nemX4YAUu%22%2C%22domain%22%3A%22telegrafi.com%22%2C%22publisher%22%3A%22Telegrafi%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%225cgHr8lNOUMyKG0uXbj0jQ%22%2C%22clientTimestamp%22%3A1671095064345%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-guy4dzk5ykaf8kxp9k5a%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.14.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-14-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 09:04:24 GMT
content-length
2
content-type
text/plain; charset=utf-8
telegrafi_logo.png
telegrafi.com/wp-content/uploads/2017/02/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/02/telegrafi_logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54bf38cbd1e24686b4d06e6eef66bdabe95db066455b22dfcf30a94d52fb9d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8647927
cf-polished
origSize=17280, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2344
pragma
public
cf-bgj
imgq:100,h2pri
last-modified
Sun, 12 Feb 2017 14:51:09 GMT
server
cloudflare
etag
"58a0765d-4380"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QT5Z7FPAx9%2FW%2BXjhHTKfLa5YzWhh9UDW8r2Z%2Fs5IjIt0ZyhIS84zImBBkNlAbcp3zN93au%2Bx9ocknIlhqyBtVXxSuxXUrz7WvTD9ZINkfcTPRljnN0wQ2SGi1ZOUNj2sHhAyl7HmB%2BNvDqc"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e02f84fcb926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 06 Sep 2023 06:51:05 GMT
pv
eu6.heatmap.it/log/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu6.heatmap.it/log/pv?pid=4408&u=https%3A%2F%2Ftelegrafi.com%2F&tpl=.&pt=Lajmet%20e%20fundit%20-%20Telegrafi&t=419534
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.202.74.47 , France, ASN16276 (OVH, FR),
Reverse DNS
eu6.heatmap.it
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:24 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
0
Expires
Thu, 15 Dec 2022 09:04:23 GMT
pica.js
telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6CD2 		19 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c71e98b10b2937e5505301cd665d7357e91bcc5c92e1401a895f61f322e571

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLdzB14hXZQKFbQIb3eB5pEYn7GIWVtSKxXTDCGIqpj73ZjsPYx6H1cIZhX2uWD8mY9wVs9mYUd9MGiQB09nNSkJr6VE3bf5Ha1BCTAZkNU%2FUkvAKkxeQ0AqWgxhUPDfloNdiHVAtLIeZCWB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
779e02f8782b926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cntcm.aspx
ads.futureads.io/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=ca106e6e-5933-44a6-8506-1ca41a81459f&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&userid=9bf13ff6806e41b5b6c9a5d24ce946ba
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=data-from-dom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
1671010522391.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010522391.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
898457a53e75ec77c298e7dc3b8386046a056d223255f0bfb0c979d63dcc059f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:24 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007cb1a9-00639a64d6-2a882d-eu-west-1
age
0
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
32118
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
2320108
x-77-nzt
AdRmOMF7YNz/dn0AAA
x-accel-expires
@1671667746
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
MISS
etag
"4c212470348379343a5462031eef251e"
x-77-nzt-ray
nUou8D5AOOE
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
AGSKWxWS5_CVhKk2t-He_HYMKi9bi9jvdbF299QIL-27lwWHRRUSuXaI6EkbB8y1RBJxhWv04Hf1iJnjRY4lVrmGTX8=
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWS5_CVhKk2t-He_HYMKi9bi9jvdbF299QIL-27lwWHRRUSuXaI6EkbB8y1RBJxhWv04Hf1iJnjRY4lVrmGTX8=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMDk1MDY0LDUwNzAwMDAwMF0sIjlERkMwRjE0LUY4OEQtNDc4Qy04MkYyLTEwMkU1NEM4MjE4MiIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsZmFsc2UsZmFsc2VdLCJodHRwczovL3RlbGVncmFmaS5jb20vIixudWxsLFtbOCwiT2dYb2wtLVRfTTQiXSxbOSwiZGUiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.OgXol--T_M4.es5.O/d=1/rs=AJlcJMwY2736qfvOgEFeTsZ2ae4fQQLYVw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e20a8ee64ff29fdff34f921f70f6ecb18eeb684f38a9ca412855b79de1d3cb1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T5x6NY4CkxkNOzotyOo-_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-T5x6NY4CkxkNOzotyOo-_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: telegrafi-cdn.relevant-digital.com
URL: https://telegrafi-cdn.relevant-digital.com/static/tags/62f105d3882a87c73c163762.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1422 / 71 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 09:04:24 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftelegrafi.com&pubid=1a483349-a0bd-4e8f-8469-5e75d67e111f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:09:11 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
10513
x-cache
Hit from cloudfront
access-control-allow-origin
https://telegrafi.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
mB_A-HKNOoqrTc9agcKX_91v1iCUV76b0YVT4kweKbTs5Iw6KdDqgw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftelegrafi.com%2F&pid=NWFB30KuHHkWE&cb=0&ws=1600x1200&v=22.1212.1511&t=1000&slots=%5B%7B%22sd%22%3A%22leaderboard-ad-gam%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22980x150%22%5D%2C%22sn%22%3A%22%2F22646657118%2Fhomepage_leaderboard_1%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22ad-id-%2F22646657118%2Fhomepage_box_1-8924079854862792%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x400%22%5D%2C%22sn%22%3A%22%2F22646657118%2Fhomepage_box_1%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22ad-id-%2F22646657118%2Fhomepage_box_3-8915804139597634%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x400%22%5D%2C%22sn%22%3A%22%2F22646657118%2Fhomepage_box_3%22%2C%22kv%22%3A%7B%7D%7D%5D&pubid=1a483349-a0bd-4e8f-8469-5e75d67e111f&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A30000%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-236.fra6.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA6-C1
x-amz-rid
KWCMYV2CPC5R46MHH9FN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://telegrafi.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
pfb5enNDKCwv-PYQguJR0eU-F7iPUotNcYTSi3GsDTIX87Q4A6fEUA==
1671010526344.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010526344.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e469a70c9bc4b220109d1bd323e36e290327bf8e78a2d5b744826300e73dc5e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:24 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007cb076-00639a64cc-2a882d-eu-west-1
age
12
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
32118
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
2612072
x-77-nzt
AdRmOMHjSRn/dn0AAA
x-accel-expires
@1671667746
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
HIT
etag
"e239c3151c376063aad5042d50348144"
x-77-nzt-ray
4B9h3o3mHZc
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
e1eee23f36481a69453f.b.js
scripts.futureads.io/scripts3/51428/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/51428/e1eee23f36481a69453f.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:01 GMT
server
nginx
etag
W/"6375fd75-702f"
vary
Accept-Encoding
x-cached-since
2022-12-12T19:51:16+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Tue, 05 Dec 2023 19:50:21 GMT
fdabe098f34289659a17.b.js
scripts.futureads.io/scripts3/51428/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/51428/fdabe098f34289659a17.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:02 GMT
server
nginx
etag
W/"6375fd76-a793"
vary
Accept-Encoding
x-cached-since
2022-12-12T19:51:17+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Tue, 05 Dec 2023 19:50:21 GMT
84011c43c3075e543c6d.b.js
scripts.futureads.io/scripts3/51428/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/51428/84011c43c3075e543c6d.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:54 GMT
server
nginx
etag
W/"6375fd6e-326c"
vary
Accept-Encoding
x-cached-since
2022-12-12T19:51:17+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Tue, 05 Dec 2023 19:50:21 GMT
7103cce7fa6705169441.b.js
scripts.futureads.io/scripts3/51428/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/51428/7103cce7fa6705169441.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:53 GMT
server
nginx
etag
W/"6375fd6d-2a79"
vary
Accept-Encoding
x-cached-since
2022-12-12T19:51:17+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Tue, 05 Dec 2023 19:50:21 GMT
f744d5275c14e0b3b41a.b.js
scripts.futureads.io/scripts3/51428/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/51428/f744d5275c14e0b3b41a.b.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:23:02 GMT
server
nginx
etag
W/"6375fd76-360b6"
vary
Accept-Encoding
x-cached-since
2022-12-12T19:51:17+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Tue, 05 Dec 2023 19:50:21 GMT
sync.html
s.adtelligent.com/ Frame 72AA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=7595495926019220&cpv=525b034c-93f9-e060-7080-5362f1e2a625&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%221ddaabda-299e-e351-0248-b06c9ae39162%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22223fb575-3729-9d1f-82ee-972f896a6e79%22%2C%22tagid%22%3A%22cae5915e-c058-46c1-bc6a-f1347266ceff%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_cae5915ec05846c1bc6af1347266ceff_zone_97654_sect_37317_site_31670%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
90713f8d1e0938d68cc07ae054e07fd92e4abacdf3c6e794641922820bd26147

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://telegrafi.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1360
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 959E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=7595495926019220&cpv=525b034c-93f9-e060-7080-5362f1e2a625&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%221ddaabda-299e-e351-0248-b06c9ae39162%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22223fb575-3729-9d1f-82ee-972f896a6e79%22%2C%22tagid%22%3A%22cae5915e-c058-46c1-bc6a-f1347266ceff%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_cae5915ec05846c1bc6af1347266ceff_zone_97654_sect_37317_site_31670%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame DB0F
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=7595495926019220&cpv=525b034c-93f9-e060-7080-5362f1e2a625&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%221ddaabda-299e-e351-0248-b06c9ae39162%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22223fb575-3729-9d1f-82ee-972f896a6e79%22%2C%22tagid%22%3A%22cae5915e-c058-46c1-bc6a-f1347266ceff%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_cae5915ec05846c1bc6af1347266ceff_zone_97654_sect_37317_site_31670%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
4112760bd40a3e1e9870034e7b736d161dbc299c39e94674a45aba76fe91c3c2

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 15 Dec 2022 09:04:24 GMT
expires
Thu, 15 Dec 2022 09:04:24 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Thu, 15 Dec 2022 09:04:24 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=9bf13ff6806e41b5b6c9a5d24ce946ba
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
H2
Server
167.235.33.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.113.33.235.167.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
date
Thu, 15 Dec 2022 09:04:24 GMT
server
nginx
etag
W/"b4860d11d6c12521f23a8790f8d110b634860fdf25cc6719a78c348c59e4f253"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=03671d7b-c76f-45e5-984a-378b66f28e2a
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=03671d7b-c76f-45e5-984a-378b66f28e2a
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=03671d7b-c76f-45e5-984a-378b66f28e2a
date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 15 Dec 2022 09:04:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=9bf13ff6806e41b5b6c9a5d24ce946ba&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=9bf13ff6806e41b5b6c9a5d24ce946ba&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=865905ec-dccc-4e7e-a799-fdb4100d6922
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=865905ec-dccc-4e7e-a799-fdb4100d6922
  • https://inv-nets.admixer.net/bs/cm.aspx?id=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=&consent=&gdpr_pd=
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
//inv-nets.admixer.net/bs/cm.aspx?id=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=&consent=&gdpr_pd=
date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D9bf13ff6806e41b5b6c9a5d24ce946ba
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D9bf13ff6806e41b5b6c9a5d24ce946ba&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Y0MDI4MzQtOUJFRS00QkE0LUE4NEMtQjk1OTREMTkzMTY1&gdpr=0&gdpr_consent=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
an.yandex.ru/mapuid/targetrtbis/
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=admixer&id=9bf13ff6806e41b5b6c9a5d24ce946ba
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/
  • https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 15 Dec 2022 09:04:25 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 15 Dec 2022 09:04:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 15 Dec 2022 09:04:25 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/targetrtbis/?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 15 Dec 2022 09:04:25 GMT
cs
cs.yellowblue.io/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODY4NjE3NDQtOTlENC00Mzk2LUE5NkEtM0ZBN0NGMUYwQzgw&gdpr=0&gdpr_consent={consent}
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODY4NjE3NDQtOTlENC00Mzk2LUE5NkEtM0ZBN0NGMUYwQzgw&gdpr=0&gdpr_consent={consent}&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent}
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}
  • https://cs.yellowblue.io/cs?aid=11576&id=9bf13ff6806e41b5b6c9a5d24ce946ba
0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
H2
Server
35.175.58.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-58-50.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://telegrafi.com/
date
Thu, 15 Dec 2022 09:04:25 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11576&id=9bf13ff6806e41b5b6c9a5d24ce946ba
date
Thu, 15 Dec 2022 09:04:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
100
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D9bf13ff6806e...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=78c97ab0-7c57-11ed-8bc6-801844df0ab8
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlemma%26expires%3D30%26user...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlemma%26expires%3D30%26user...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=ff63c8ee-81a7-525d-adad-625cce378145&ssp=lemma&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=865905ec-dccc-4e7e-a799-fdb4100d6922
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=78c97ab0-7c57-11ed-8bc6-801844df0ab8
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=865905ec-dccc-4e7e-a799-fdb4100d6922
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=865905ec-dccc-4e7e-a799-fdb4100d6922
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=247fa1b9-406c-4acc-a8db-2e02257696c4&user_group=1&ssp=lemma&bsw_param=865905ec-dccc-4e7e-a799-fdb4100d6922
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=865905ec-dccc-4e7e-a799-fdb4100d6922
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=9bf13ff6806e41b5b6c9a5d24ce946ba78c97ab0-7c57-11ed-8bc6-801844df0ab8
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=9bf13ff6806e41b5b6c9a5d24ce946ba78c97ab0-7c57-11ed-8bc6-801844df0ab8
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:26 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=9bf13ff6806e41b5b6c9a5d24ce946ba78c97ab0-7c57-11ed-8bc6-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=OWJmMTNmZjY4MDZlNDFiNWI2YzlhNWQyNGNlOTQ2YmE=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=OWJmMTNmZjY4MDZlNDFiNWI2YzlhNWQyNGNlOTQ2YmE=&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEFMse_w7RPtaemG1-0Z-fwg&google_cver=1
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEFMse_w7RPtaemG1-0Z-fwg&google_cver=1
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESEFMse_w7RPtaemG1-0Z-fwg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEAnJpz4ihenR143quvCfypI&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=aa37fa17d5b54818b28c078cfa2164e0
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=aa37fa17d5b54818b28c078cfa2164e0
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=aa37fa17d5b54818b28c078cfa2164e0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=9bf13ff6806e41b5b6c9a5d24ce946ba&redir=[RED]
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=9bf13ff6806e41b5b6c9a5d24ce946ba
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=9bf13ff6806e41b5b6c9a5d24ce946ba
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
HTTP/1.1
Server
54.217.130.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-130-182.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0227c85fb.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vpUmNbd8S0U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-0449b668e.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
wxnrfMYpTDg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=9bf13ff6806e41b5b6c9a5d24ce946ba
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync.html
s.console.adtarget.com.tr/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.58 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT, Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Thu, 15 Dec 2022 09:04:25 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
admixer-sync
rtb.com.ru/ 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.com.ru/admixer-sync?uid=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.188 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15-Dec-2022 18:04:25 +0900
Content-Type
image/gif;
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sync
t.adx.opera.com/ 		35 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=ff63c8ee-81a7-525d-adad-625cce378145
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=ff63c8ee-81a7-525d-adad-625cce378145
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=ff63c8ee-81a7-525d-adad-625cce378145
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ 		43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vloGtMSI4e%2BHfa%2B8G2GpqswDbMltqez8anPyd%2F4Kt4T5P6RWSLtdsU5uMybkJnmgJLPzs7b7B7uXg%2BZPFt3MCOFQSu2cwhpD5ePtKdpo1SLo%2FShUarQ9%2Fk2fRvL4rHYx%2B6fy77rUmUPGhw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779e02ff1bc89bb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-oX8hn.ZE2uFcUHca7hd8SWPoYwyt_99f04MVizM-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-oX8hn.ZE2uFcUHca7hd8SWPoYwyt_99f04MVizM-~A
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-oX8hn.ZE2uFcUHca7hd8SWPoYwyt_99f04MVizM-~A
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=OWJmMTNmZjY4MDZlNDFiNWI2YzlhNWQyNGNlOTQ2YmE=&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEDV8mZhJ4L6huFyN6QqDM6Q&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=b2011afcd891426d91d8cb1b5922e995
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=b2011afcd891426d91d8cb1b5922e995
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=b2011afcd891426d91d8cb1b5922e995
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z23F6455B0744639ADA18D21ABC19D1D&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
56 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z23F6455B0744639ADA18D21ABC19D1D&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z23F6455B0744639ADA18D21ABC19D1D&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=9bf13ff6806e41b5b6c9a5d24ce946ba
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
setuid
ib.adnxs.com/ 		43 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=533&code=9bf13ff6806e41b5b6c9a5d24ce946ba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
AN-X-Request-Uuid
e4d0831d-3c00-4eb1-b7c5-cb0bb31230c2
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
779e02ea5f2cbb83
telegrafi.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6CD2 		2 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/cv/result/779e02ea5f2cbb83
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671091200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hv71QnC9oLEO5COSmcluNXJ%2FSYSwhq%2BKcH5g6a0zZesTib2u7wPeGLZxiO5WWVwEWlK5KgWSqhcyY4A2072MY0jstExUEyqYKJQbSzGqI%2F6zIA8%2Fbuv8aW3MSKE0jfvavCIvNt9qjIB2mr4z"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
779e02facc1a926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
end
central.mall.tv/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://central.mall.tv/analytics/end
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.39.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://video.gjirafa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://video.gjirafa.com
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
779e02fb7be2697b-FRA
date
Thu, 15 Dec 2022 09:04:24 GMT
server
cloudflare
x-powered-by
ASP.NET
end
central.mall.tv/analytics/ Frame B21C 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://central.mall.tv/analytics/end
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/lib?v=Z6qPw5yL3uTQpoB3EKAVYlXBn75ceS7sTAa5Agbx60s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.39.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://video.gjirafa.com
date
Thu, 15 Dec 2022 09:04:24 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779e02fbdc7a697b-FRA
x-powered-by
ASP.NET
ptag
a.audrte.com/ Frame DB0F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6d0e3b224070371ae3378d95d725a01f8667d8d9207b396f2417ca85e0149881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1649
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame DB0F 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 14 Dec 2027 09:04:24 GMT
um
u-ams03.e-planning.net/ Frame DB0F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D762dc735e98a9081%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams03.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D762dc735e98a9081%2526uid%253D%2524UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=762dc735e98a9081&uid=5437143918759245556
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=762dc735e98a9081&uid=5437143918759245556
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

server
openresty
date
Thu, 15 Dec 2022 09:04:25 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
AN-X-Request-Uuid
4e523e71-8812-421c-abba-bfa9b1969310
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=762dc735e98a9081&uid=5437143918759245556
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame DB0F
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D762dc735e98a9081%26uid%3D%24UID&partner=eplanning
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1a...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzYyZGM3M...
  • https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE...
0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzYyZGM3MzVlOThhOTA4MSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIGEjgC
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-47
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NzYyZGM3MzVlOThhOTA4MSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIGEjgC
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
v1
match.sharethrough.com/universal/ Frame DB0F 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.155.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-155-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame DB0F 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 14 Dec 2027 09:04:24 GMT
usync.html
eus.rubiconproject.com/ Frame 24D0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 09:04:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 09:04:24 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 3B97
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
882b9134faf7e6f109299fe257c0db3058b402eda176df474db1377d1157e987

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779e02fc395e996e-FRA
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLLIhdyhYdRLCC5WZQDQAtPW7uYU9aaIbIzSk8R28MIddy8FCEqGSgbw2fdbjXXqYVFGsXl%2Bc8s1T4%2FofeYg9CpqbZDrIesA8dxEw0Is5oirwv9xUA3Qz9rl4LfEMWKhZl04wK2i"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779e02fbbdc5903d-FRA
content-length
0
date
Thu, 15 Dec 2022 09:04:24 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iq5ZEOe85huxb368zGd0EPM9JwBHgWU4ASKrPSwfr2OFjfsGEBpiy2jAbsQES5yuRjaSAiyVvxnSSWX%2Brb%2BccXUDMSm8qDnY0Nf827U7liQ%2FMw9133OMzx%2BGwCnJuKgpMEEi04fV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 6D91 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Thu, 15 Dec 2022 09:04:24 GMT
etag
W/"61ddbb71-5f5"
expires
Wed, 20 Oct 2027 17:11:26 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
f845ccd5775a321f81a55513fcd1f0df
x-cf-tsc
1666372287
x-cf1
29080:fF.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame 2155 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2138d781cdedd47cb2160db83a0a80dc1e94e0ca7569a29b97f21e7def5eaec

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
779e02fb98549049-FRA
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 09:04:24 GMT
server
cloudflare
vary
Origin
via
1.1 google
AGSKWxV9CF0lhtxvebtzax0rioqW39xzkigrKkKeezTvE-wQg6bCIPGWz6Ww6xC2zBBiIRsrN9m0fZmtjpG00I8osUUjMH_ECl03t5itoaMiClUOrshd8vgMUit-7qnScRH54f0rk93PAw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV9CF0lhtxvebtzax0rioqW39xzkigrKkKeezTvE-wQg6bCIPGWz6Ww6xC2zBBiIRsrN9m0fZmtjpG00I8osUUjMH_ECl03t5itoaMiClUOrshd8vgMUit-7qnScRH54f0rk93PAw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMDk1MDY0LDg0OTAwMDAwMF0sIjlERkMwRjE0LUY4OEQtNDc4Qy04MkYyLTEwMkU1NEM4MjE4MiIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMCwwXSwiaHR0cHM6Ly90ZWxlZ3JhZmkuY29tLyIsbnVsbCxbWzgsIk9nWG9sLS1UX000Il0sWzksImRlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.OgXol--T_M4.es5.O/d=1/rs=AJlcJMwY2736qfvOgEFeTsZ2ae4fQQLYVw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
958e0ef6252b25a08c297d0d044147ba78d5b7fe2dee20dc64138a410bcc24fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6Ah5Zigt_D2uSWWqC65qyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-6Ah5Zigt_D2uSWWqC65qyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
confirm.js
cdn.admixer.net/scripts3/ 		144 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/confirm.js
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e4f189ce94a53b6316c93df795e04c79f2d0aaf5ae29cacf8dfcc6a3ae705f4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:41 GMT
server
nginx
etag
W/"6375fd61-23f9b"
vary
Accept-Encoding
x-cached-since
2022-12-13T04:29:54+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 14 Dec 2023 04:29:54 GMT
crevt.aspx
ads.futureads.io/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.futureads.io/crevt.aspx?cc=DE%2FNW%2F2850174&am-uid=9bf13ff6806e41b5b6c9a5d24ce946ba&zone=CAE5915E-C058-46C1-BC6A-F1347266CEFF&device=28&rule=EDC1D578-0CD9-4407-973C-7EC39A5D3770&requestId=86f4946e-d239-4f64-8065-c2d54b0c3936&hp=2046853741&page=telegrafi.com%2F&ts=638066918645532438&ap=MC43ODA5NTIzOA%3D%3D&asign=-1123210891&markups=ZG1wZj0wJmRtcHA9dHJ1ZSZjcnRmPTAmY3J0cD10cnVlJmNydGF0cz0wJmFkbWY9NSZhZG1wPXRydWUmdGRmPTAmdGRwPXRydWUmdG90Zj0wJnRvdHA9dHJ1ZQ%3D%3D&sync=98%2C3%2C96%2C57%2C88%2C80&bt=3&carr=Keyweb+AG&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=7&extpubid=4D8BA46E-AAF8-4606-9B52-4016F6473A9F&inst=ADS-EU-7&pxl=0&pvid=f99773a7-d522-4a5b-a3ca-08a32756096d&ip=217.114.218.20&item=24FAB26C-F981-4A83-89F0-B803FC536C71&crid=24FAB26C-F981-4A83-89F0-B803FC536C71&size=780x439&profile=3219956B-323B-4510-AB1F-E474C8CBE9E9&isopt=0&adv=N%2FA&dsp=Future+Ads&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Ftelegrafi.com%2Ftoka-ne-lagjen-dardani-prizren-eshte-ne-shitje%2F&cet=4&pp=${AUCTION_PRICE}&curr=${AUCTION_CURRENCY}&sw=[e=screen.width]&sh=[e=screen.height]
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.108 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
d82853dc-f932-42b6-a3c3-f4b60b52c824.png
c1.futureads.io/test1/96101650-fb65-4657-b806-6d42955c3cbc/ 		678 KB
679 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.futureads.io/test1/96101650-fb65-4657-b806-6d42955c3cbc/d82853dc-f932-42b6-a3c3-f4b60b52c824.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
185-46-149-20.net.gigatrans.ua
Software
nginx /
Resource Hash
c5ae442d03bb5eb4b6ff489d294efce9b49c309d6779c1b9573bbc57c262ac6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 23 Nov 2022 09:11:51 GMT
Server
nginx
ETag
"637de3d7-a986f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
694383
Expires
Sat, 16 Dec 2023 09:04:25 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260833360772983&ev=Microdata&dl=https%3A%2F%2Ftelegrafi.com%2F&rl=&if=false&ts=1671095064879&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Lajmet%20e%20fundit%20-%20Telegrafi%22%2C%22meta%3Adescription%22%3A%22Telegrafi%20i%27u%20sjell%20n%C3%AB%C2%A0koh%C3%AB%C2%A0reale%2C%20sekond%20pas%20sekonde%20informacione%20dhe%20lajme%2C%20k%C3%ABshilla%20dhe%20analiza%20nga%20t%C3%AB%20gjitha%20sferat%20e%20jet%C3%ABs.%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Portali%20Telegrafi.com%22%2C%22og%3Adescription%22%3A%22Portali%20Telegrafi.com%20%C3%ABsht%C3%AB%20portal%20i%20pavarur%20informativ%20dhe%20m%C3%AB%20i%20vizituar%20n%C3%AB%20gjuh%C3%ABn%20shqipe.%20I%20udh%C3%ABhequr%20nga%20nj%C3%AB%20staf%20profesional%2C%20Telegrafi.com%20arrin%20t%C3%AB%20azhurohet%20me%20lajme%20n%C3%AB%20%C3%A7do%20koh%C3%AB%20nga%20rubrika%20e%20Ekonomis%C3%AB%2C%20Sporti%2C%20Magazina%2C%20Kultura%2C%20Lifestyle%2C%20Sh%C3%ABndet%C3%ABsi%2C%20Teknologji.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftelegrafi.com%2F%22%2C%22og%3Asite_name%22%3A%22Telegrafi%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ftelegrafi.com%2Fwp-content%2Fuploads%2F2016%2F03%2F00.Telegrafi.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22%23website%22%2C%22url%22%3A%22https%3A%2F%2Ftelegrafi.com%2F%22%2C%22name%22%3A%22Telegrafi%22%7D%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671095064332.903140669&it=1671095064153&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 09:04:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
1671010530350.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010530350.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a886a7694df82fa71f74dd061661ba62fe1865e8e34dfec7ea5ec48b1c0c5d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:24 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000006850ff-00639a64da-2a8896-eu-west-1
age
0
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
32117
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
3037704
x-77-nzt
AdRmOMFfQeb/dX0AAA
x-accel-expires
@1671667747
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
MISS
etag
"6613237abed690cc8addbf2c93a89de3"
x-77-nzt-ray
rK3EZ0k1ypQ
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
invisible.js
telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 6CD2 		40 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671091200
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f337782490f9112432f404d62ba219f92427c8e29e062c951141d75a9056cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9esLpXP8pGCID9uGqCRaIFwv%2F8C0rJ1MswLinGQ552%2FzFTaFb08%2Fm070W%2BsNNvgVmLZ24%2BZ1L89M3RG5XGhOh%2F4rf%2B1sYpRX6rFaJkErHzvtXCyUPnToIIT2yBTGetd7unkPOC1nQtARsPjo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
779e02fbbd9c926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getuid
ib.adnxs.com/ Frame 2155 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 2155 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=ed5c6ab2-9b09-4437-af51-2e5547bed36d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ed5c6ab2-9b09-4437-af51-2e5547bed36d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02fcfaa99049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://mwzeom.zeotap.com/mw?cid=ed5c6ab2-9b09-4437-af51-2e5547bed36d&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 2155 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 2155 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 2155 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 15 Dec 2022 09:04:24 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671095065.982896,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn-etou8220052-HHN
u
dmp.v.fwmrm.net/ad/ Frame 2155 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:128:1::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Content-Type
text/html
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 2155 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D00902228-87bf-4289-6537-a3d3ccee921c%26reqId%3D210753a0-6c48-42c1-40e2-b740131ccb58%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 09:04:23 GMT
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=ad90d04a-560c-48b8-9d12-20ea82e4961c&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ad90d04a-560c-48b8-9d12-20ea82e4961c&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02ff7fba9049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=ad90d04a-560c-48b8-9d12-20ea82e4961c&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=00902228-87bf-4289-6537-a3d3ccee921c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=00902228-87bf-4289-6537-a3d3ccee921c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=59855220362446940511907137209735770751&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=59855220362446940511907137209735770751&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02fe7dbf9049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v045-0e1730cee.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
kjta5osrQow=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=59855220362446940511907137209735770751&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 2155 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=00902228-87bf-4289-6537-a3d3ccee921c&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022121510-13470-0.130737001671095065-b2ae3972278309af24d6e7f169274cef&zdid=533&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022121510-13470-0.130737001671095065-b2ae3972278309af24d6e7f169274cef&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02fe5d7e9049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022121510-13470-0.130737001671095065-b2ae3972278309af24d6e7f169274cef&zdid=533&env=mWeb
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7177298652685596820&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7177298652685596820&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02fe5d6d9049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7177298652685596820&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 2155 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=00902228-87bf-4289-6537-a3d3ccee921c
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=00902228-87bf-4289-6537-a3d3ccee921c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=00902228-87bf-4289-6537-a3d3ccee921c&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=ME5i6fFG3MMuQ3zHJJWRyO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=ME5i6fFG3MMuQ3zHJJWRyO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02ff3f499049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
via
1.1 google
last-modified
Thu, 15 Dec 2022 09:04:25 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=ME5i6fFG3MMuQ3zHJJWRyO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 2155 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=00902228-87bf-4289-6537-a3d3ccee921c&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
tpid=00902228-87bf-4289-6537-a3d3ccee921c
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 2155 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=00902228-87bf-4289-6537-a3d3ccee921c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.30
content-length
49
expires
0
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-035DF4pE2or1VmzkN_j6TquDZrBFLsK9vw--~A&zpartnerid=570&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-035DF4pE2or1VmzkN_j6TquDZrBFLsK9vw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02ff7fae9049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-035DF4pE2or1VmzkN_j6TquDZrBFLsK9vw--~A&zpartnerid=570&env=mWeb
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1ioCT5skeBUN0yoD09z7Ev2%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1ioCT5skeBUN0yoD09z7Ev2%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02fece6b9049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=jJ9Y3RriY1ioCT5skeBUN0yoD09z7Ev2%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 2155 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=00902228-87bf-4289-6537-a3d3ccee921c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 2155 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.181.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-181-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
beacon-n020-dub-prod.krxd.net
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1671095065
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 2155 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=00902228-87bf-4289-6537-a3d3ccee921c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/png
date
Thu, 15 Dec 2022 09:04:25 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5rjGQAEKU9NwQAp&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b74...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5rjGQAEKU9NwQAp&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&_test=Y5rjGQAEKU9NwQAp
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e030039239049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-hhn-etou8220091-HHN
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671095066.596104,VS0,VE0
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Y5rjGQAEKU9NwQAp&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&_test=Y5rjGQAEKU9NwQAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=2f17639a-e319-4b00-bea5-3a5a540521a7&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2f17639a-e319-4b00-bea5-3a5a540521a7&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02ff7fad9049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x9 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=2f17639a-e319-4b00-bea5-3a5a540521a7&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 15 Dec 2022 09:04:24 GMT
usermatch.gif
beacon.krxd.net/ Frame 2155
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131c...
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
54.170.181.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-181-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1671095065
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
date
Thu, 15 Dec 2022 09:04:25 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a020-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2155
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00902228-87bf-4289-6537-a3d3ccee921c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-653...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00902228-87bf-4289-6537-a3d3ccee921c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-653...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00902228-87bf-4289-6537-a3d3ccee921c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CZ2R811ZBXF49XF00C5R
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
80Z37TXD7HBBZ0H559SR
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=00902228-87bf-4289-6537-a3d3ccee921c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 2155 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=00902228-87bf-4289-6537-a3d3ccee921c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D009...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02ffb8229049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
date
Thu, 15 Dec 2022 09:04:25 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 2155 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=00902228-87bf-4289-6537-a3d3ccee921c&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 2155
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=00902228-87bf-4289-6537-a3d3ccee921c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=865905ec-dccc-4e7e-a799-fdb4100d6922&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87b...
95 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=865905ec-dccc-4e7e-a799-fdb4100d6922&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02fc496b9049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=865905ec-dccc-4e7e-a799-fdb4100d6922&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame 2155 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02ffb8369049-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 2155 		557 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932e65624abfc7a96e87351da6d69bf850b893d28e9159aec8002baad02b56bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02fc19039049-FRA
access-control-allow-headers
*
pv
bisko.gjirafa.com/ Frame B21C 		68 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/pv?t=1671095064968&guid=75fcad9c44b54a429d01fb51e13d7d3262ff5352325b4ab38c9c337055fed969&sd=4dbfeaa91c44468ab85fbc15379412e7&c=%5B%5D&tg=%5B%5D&tt=Gjirafagg%20-%20CCT%20South%20Europe%20Series%20%232%20Play-in%20Stage%20-%20GjirafaVideo&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&r=https%3A%2F%2Ftelegrafi.com%2F&bl=en-US&sw=1600&sh=1200&h=2&v=5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Av%2FzqXWjCNpjYz%2BPg2C3v5ulcjBdeoAQ%2B07caiv9PkywVS5ndYoHEedh0H1TLCbJ3wsKgd%2BhZD1NtdFAoxU8ocmSYSTM%2FsWCzXgCnuWrcKmk3L1uf4yXK0EdCJxnOqxG7Nb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
779e02fc1c459125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
pica.js
telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6CD2 		18 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d4ee6c2bf439e55183debcc0bbb40e601f3ea8506c337586f60a4c1a31ed4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy%2Fm8LWdNyvPhafV0CD2yp4ZaM9NyzGhO6ThJwzT2OWs64rzpWK6vyP%2FW2H6Ke0CKwDIE96F9ZLbQW%2BU8y%2BITcIcD0SDp36H%2FzsykSzpDPbwsjY9eVhZEQ3fE4FIFDqsAYgQDnym3jH124yn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
779e02fc1e3b926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cmp
spl.zeotap.com/ Frame 2155 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
779e02fc69a79049-FRA
date
Thu, 15 Dec 2022 09:04:25 GMT
server
cloudflare
vary
Origin
via
1.1 google
1671010534382.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		3 MB
3 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010534382.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ad5fd976b8964c2f9e7c54e9347b7c96de689d1cbce605aece3ef7fa0e987612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:25 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007cb143-00639a64d2-2a882d-eu-west-1
age
0
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
32118
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
3014204
x-77-nzt
AdRmOMFRQfX/dn0AAA
x-accel-expires
@1671667747
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
MISS
etag
"022b139d3644df9e5435fbc00a9d03f5"
x-77-nzt-ray
UPnfrjkGeoU
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
usync.js
eus.rubiconproject.com/ Frame 24D0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ca40af5b7af04cf167937b617182b5d05d3573a6decb868581a9f76979bd2b9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 13:14:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14972
Connection
keep-alive
Content-Length
10065
Expires
Thu, 15 Dec 2022 13:13:57 GMT
csync
sync.adtelligent.com/ Frame 58DB
Redirect Chain
  • https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=318a6ac9-e17b-4d63-a3c3-2f67944bf23b&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=318a6ac9-e17b-4d63-a3c3-2f67944bf23b&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 09:04:24 GMT
Etag
080997fa4c676efe
Server
Adtelligent

Redirect headers

content-length
0
date
Thu, 15 Dec 2022 09:04:25 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=318a6ac9-e17b-4d63-a3c3-2f67944bf23b&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
server
_
sync.html
s.adtelligent.com/ Frame 810E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
856
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5E65 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=20696
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 14:49:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D911 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
d
ic.tynt.com/r/ Frame 08E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
/
ads.us.e-planning.net/uspd/1/ Frame B896 		2 KB
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
86965e891211cbdbf9481ef6d2412eae314b2f6573fb34bae94f982711ada043

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
Thu, 15 Dec 2022 09:04:25 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
sync.html
s.console.adtarget.com.tr/ Frame 2CB1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.58 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
808fa77fe08764c55b937228eff68dc67e3a796818831d7be932ff2a63a5baf8

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
822
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Adtelligent
X-Robots-Tag
noindex
pixel
ap.lijit.com/ Frame 72AA 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 15 Dec 2022 09:04:25 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 72AA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5437143918759245556
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5437143918759245556
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
Adtelligent
Etag
080997fa4c676efe
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
AN-X-Request-Uuid
b097286f-6870-4ea3-87ae-2a803351012a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5437143918759245556
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 72AA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5437143918759245556
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5437143918759245556
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
Adtelligent
Etag
080997fa4c676efe
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
AN-X-Request-Uuid
8c09a0c2-b25c-4845-b0cd-e367aaf22e4d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=5437143918759245556
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 72AA
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=73adf05a-8fe7-4390-909d-b114f160a265
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=73adf05a-8fe7-4390-909d-b114f160a265
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
Adtelligent
Etag
080997fa4c676efe
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=73adf05a-8fe7-4390-909d-b114f160a265
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
arn8q74ptc1cbtj87udep5i5lnttlsjp
csync
sync.adtelligent.com/ Frame 72AA
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=00bfa135-716c-4be1-9b60-990dd91424bf
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=00bfa135-716c-4be1-9b60-990dd91424bf
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
Adtelligent
Etag
080997fa4c676efe
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=00bfa135-716c-4be1-9b60-990dd91424bf
access-control-allow-origin
*
date
Thu, 15 Dec 2022 09:04:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ Frame 72AA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1671095065156
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=356139875
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=356139875
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
RX51082837914e417bb8e49e849bc39952003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=356139875
cache-control
no-store, no-cache, must-revalidate
expires
0
csync
sync.adtelligent.com/ Frame 72AA
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=03671d7b-c76f-45e5-984a-378b66f28e2a
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=03671d7b-c76f-45e5-984a-378b66f28e2a
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
Adtelligent
Etag
080997fa4c676efe
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=03671d7b-c76f-45e5-984a-378b66f28e2a
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
sync
vid.vidoomy.com/ Frame 72AA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 72AA
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=b2011afcd891426d91d8cb1b5922e995
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=b2011afcd891426d91d8cb1b5922e995
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Adtelligent
Etag
080997fa4c676efe
Content-Length
0

Redirect headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=b2011afcd891426d91d8cb1b5922e995
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 3B97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELc71E40WKfQrF8_RERdjWY&google_cver=1
43 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELc71E40WKfQrF8_RERdjWY&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FVPYyxyBP6ORe5OpXkqupB0jZfe3fknareIi%2BoWJal8C81zv8rWWv%2FFohNwG%2FW5p%2FxB2NBbgIVAqXDkBSRBnkkOdNUiQWkOWMY3sBdCKrGcKB77ufA9fb%2FAZCDwaufWbdaokcdOfe%2BqyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779e02fd9c119b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELc71E40WKfQrF8_RERdjWY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3B97 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3B97
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5rjGLRqg4TjQCUNTyudDwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf9qKQQ2Imwy8KoglLHhYA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf9qKQQ2Imwy8KoglLHhYA&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf9qKQQ2Imwy8KoglLHhYA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3B97
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
50E9H0WQRBS8KNZX1XGA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QRH59P77WRDX5902PR6R
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 3B97 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.89.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-89-6.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3B97
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bm1s1DLl1P5Kad5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bm1s1DLl1P5Kad5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-01cc22a724fa3318b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bm1s1DLl1P5Kad5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3B97
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6086994825254833814&expiration=1672304665
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6086994825254833814&expiration=1672304665
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6086994825254833814&expiration=1672304665
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
bridge
cm.adgrx.com/ Frame 3B97 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-3
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
um
u-ams03.e-planning.net/ Frame 3B97 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=762dc735e98a9081&uid=Y5rjGLRqg4TjQCUNTyudDwAA%261148
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D762dc735e98a9081%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

server
openresty
date
Thu, 15 Dec 2022 09:04:25 GMT
content-type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 84D9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=20696
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 14:49:21 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 7F93 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.php
pixel.rubiconproject.com/exchange/ Frame 810E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
csync
sync.adtelligent.com/ Frame 810E 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:24 GMT
Server
Adtelligent
Etag
080997fa4c676efe
Content-Length
43
Content-Type
image/gif
ptag
a.audrte.com/ Frame B896 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6d0e3b224070371ae3378d95d725a01f8667d8d9207b396f2417ca85e0149881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1649
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame B896 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 14 Dec 2027 09:04:25 GMT
um
u-ams03.e-planning.net/ Frame B896
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1af181a61147f149%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1af181a61147f149&uid=5437143918759245556
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1af181a61147f149&uid=5437143918759245556
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

server
openresty
date
Thu, 15 Dec 2022 09:04:25 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
AN-X-Request-Uuid
e46a7c59-df0e-40ef-be5b-b618e37b8078
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1af181a61147f149&uid=5437143918759245556
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
a6da5bf591376177b08e1eb90117169d.gif
cs.iqzone.com/ Frame B896
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D1af181a61147f149%26uid%3D%24UID&partner=eplanning
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yO...
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MWFmMTgxYTYxMTQ3ZjE0OSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIaDjgB
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
8.2.111.13 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Redirect headers

location
https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MWFmMTgxYTYxMTQ3ZjE0OSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIaDjgB
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
v1
match.sharethrough.com/universal/ Frame B896 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.155.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-155-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame B896 		478 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 14 Dec 2027 09:04:25 GMT
usync.html
eus.rubiconproject.com/ Frame 8574
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 09:04:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 09:04:25 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 713F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37b697397c56a08f29c653e2e3db507bb88fe5866fa5cbcc65968fef098e4cd1

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779e02fd2b73996e-FRA
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MN4ih%2B5cj7dlg8g8wLqvwj5s10D49X2qcKA%2B7dMzY5LpoPn3s0kmqQ62lsZ8oa2S4ndH0uNuUmdIR9nUzCTrGMO%2FVbVQ9hbG%2B2sFkYwgQZcR%2BZHmIiEpeffVoFIfdbZhDIVRhFY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 6801 		1 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
W/"61ddbb71-5f5"
expires
Wed, 20 Oct 2027 17:11:26 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
e188610c702236a787b15f4c3849ee02
x-cf-tsc
1666372287
x-cf1
29080:fF.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
spl.zeotap.com/ Frame B4D9 		760 B
791 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2b11082b9e571d43ba632ed4ac448f46aa16df76c5c17c56510b25beaf653e

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
779e02fd2b059049-FRA
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
server
cloudflare
vary
Origin
via
1.1 google
779e02ea5f2cbb83
telegrafi.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6CD2 		2 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/cdn-cgi/challenge-platform/h/g/cv/result/779e02ea5f2cbb83
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671091200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3m2y256aHTqOQXHd4KfaRBhHCDhycVx%2FGtn3%2F2exQFGpg0T4b%2FdumWsR0JKJVQZ1BH3nfxvZp7ggAZgR65f1YxMxDozII3g1Q096vIoVvMfEULic%2BPcKw4N9Kh3weTgcWS3hVXC2sc0cS7d"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
779e02fe4970926b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mw
mwzeom.zeotap.com/ Frame B4D9
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D009...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02ffb8339049-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361
date
Thu, 15 Dec 2022 09:04:25 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame B4D9 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02fe7dbd9049-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame B4D9 		557 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e01eefbdf14208d4d0bd333bf07b911c4edc370b9456d1dfafeee47063ff10d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
779e02ff3f3a9049-FRA
access-control-allow-headers
*
Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 713F 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1fd9:6969:7081:2e2b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 713F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5437143918759245556
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5437143918759245556
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
AN-X-Request-Uuid
08eaf850-bd4c-4d0b-8bc1-8016a9362069
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5437143918759245556
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 713F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4b17639a-e31a-4900-87c7-761a3664b2c3
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4b17639a-e31a-4900-87c7-761a3664b2c3
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4b17639a-e31a-4900-87c7-761a3664b2c3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 09:04:25 GMT
Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 713F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB
43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:1fd9:6969:7081:2e2b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5rjGLRqg4TjQCUNTyudDwAABHwAAAIB
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 713F
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686819865&external_user_id=f9e95bfd-1e4c-4083-b4be-0b6e5c7fa727
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686819865&external_user_id=f9e95bfd-1e4c-4083-b4be-0b6e5c7fa727
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686819865&external_user_id=f9e95bfd-1e4c-4083-b4be-0b6e5c7fa727
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 713F
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=539d1d91-6608-440d-8204-f0dc6030ca2b&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=539d1d91-6608-440d-8204-f0dc6030ca2b&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=539d1d91-6608-440d-8204-f0dc6030ca2b&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 15 Dec 2022 09:04:25 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 713F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5rjGLRqg4TjQCUNTyudDwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf9qKQQ2Imwy8KoglLHhYA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf9qKQQ2Imwy8KoglLHhYA&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENf9qKQQ2Imwy8KoglLHhYA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 713F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bm1s1DLl1P5Kad5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bm1s1DLl1P5Kad5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=bm1s1DLl1P5Kad5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-ams03.e-planning.net/ Frame 713F 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=1af181a61147f149&uid=Y5rjGLRqg4TjQCUNTyudDwAA%261148
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1af181a61147f149%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

server
openresty
date
Thu, 15 Dec 2022 09:04:25 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 8574 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.209.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-209-152.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ca40af5b7af04cf167937b617182b5d05d3573a6decb868581a9f76979bd2b9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 13:14:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14972
Connection
keep-alive
Content-Length
10065
Expires
Thu, 15 Dec 2022 13:13:57 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame DB0F 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:30:41 GMT
content-encoding
gzip
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48824
etag
W/"b3509b007a9d747642c6a762ce4aed79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
mkL6gxzUy1DhRm5zYGobU5YksfPXsa4kDTYrHgtZQedoN1qGiFUo2A==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame C52D 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
W/"601b131c-27c"
expires
Tue, 14 Dec 2027 09:04:25 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
eb2.3lift.com/ Frame A5FE 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 15 Dec 2022 09:04:25 GMT
adxcm.aspx
inv-nets.admixer.net/ Frame F216 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AN69wlFJ0l1S9LCY
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:25 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 84D9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11492479&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0014fdb5c5fb77c0da95253ce640bd62bfd0d8fffe1c5a57432372f783f91739

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 09:04:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame B896 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:30:41 GMT
content-encoding
gzip
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
48824
etag
W/"b3509b007a9d747642c6a762ce4aed79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
zWCIngDYANHsWQdjP7ETJYdN3uAfO2L5eq7yB6SlJWzirV5QyKzaoA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 3228 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
W/"601b131c-27c"
expires
Tue, 14 Dec 2027 09:04:25 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
eb2.3lift.com/ Frame 33E4 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 15 Dec 2022 09:04:25 GMT
csync
sync.adtelligent.com/ Frame 57D3 		0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AN69wlFJ0l1S9LCY
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 09:04:24 GMT
Etag
080997fa4c676efe
Server
Adtelligent
1671010538360.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010538360.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
034bb379652a45602be744c45a00f31e7cd5b3edbe937821ffd445d666ea631e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:25 GMT
x-cache-op
HIT
x-amz-request-id
tx00000000000000068515a-00639a64dc-2a8896-eu-west-1
age
0
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
32289
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
1777352
x-77-nzt
AdRmOMHDN9j/IX4AAA
x-accel-expires
@1671667576
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
MISS
etag
"d51726beab6589e9bf028f6b6ee56080"
x-77-nzt-ray
vp47wKtB4vw
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
cmp
spl.zeotap.com/ Frame B4D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=d0aa4531-791c-4f17-68c5-080b767878c6&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
779e02ffa8079049-FRA
date
Thu, 15 Dec 2022 09:04:25 GMT
server
cloudflare
vary
Origin
via
1.1 google
GS.d
js.cookieless-data.com/ Frame C52D 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1671095065540
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame ABCD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f17639a-e319-4b00-bea5-3a5a540521a7&gdpr=0&gdpr_consent=
42 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f17639a-e319-4b00-bea5-3a5a540521a7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:26 GMT
Expires
Thu, 15 Dec 2022 09:04:25 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x15 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2f17639a-e319-4b00-bea5-3a5a540521a7&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame A2DE
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6376616859132444119
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6376616859132444119
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6376616859132444119
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame E9B5 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 09:04:24 GMT
expires
Thu, 15 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
394218
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0F53 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7F402834-9BEE-4BA4-A84C-B9594D193165&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZSTDX3FEY8J8YP1DBXVD
Pug
simage2.pubmatic.com/AdServer/ Frame 615C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5437143918759245556&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5437143918759245556&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
1895ab2e-439d-41de-abfd-404fe2773f34
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 09:04:25 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5437143918759245556&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame BE79
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo
42 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 6B9B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177298652685596820&gdpr=0&gdpr_consent=
42 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177298652685596820&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 15 Dec 2022 09:04:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7177298652685596820&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
setuid
prebid.adtarget.com.tr/ Frame 5DF9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDcHJVN0hOY1lBQUNORzNJYVUxUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACprU7HNcYAACNG3IaU1Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACprU7HNcYAACNG3IaU1Q&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACprU7HNcYAACNG3IaU1Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1121704355552526551&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACprU7HNcYAACNG3IaU1Q&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
0
611 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.157.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.193.157.55.162.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 15 Dec 2022 09:04:26 GMT
expires
0
pragma
no-cache
server
nginx/1.20.1
vary
Accept-Encoding Origin

Redirect headers

cache-control
private,max-age=86400
content-length
157
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:25 GMT
location
https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F99
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zEcU4nk_TMx-XTIFUBjgDtly2hQ
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zEcU4nk_TMx-XTIFUBjgDtly2hQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 09:04:25 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 09:04:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zEcU4nk_TMx-XTIFUBjgDtly2hQ
Pug
simage2.pubmatic.com/AdServer/ Frame 2CC6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rjGQAEKU9NwQAp&gdpr=0&gdpr_consent=
568 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rjGQAEKU9NwQAp&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 09:04:24 GMT
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Dec 2022 09:04:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rjGQAEKU9NwQAp&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220091-HHN
x-timer
S1671095066.573668,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 2FEE
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 15 Dec 2022 09:04:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 9C46
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
779e0301bd5c699f-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
779e03003a85699f-FRA
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1803
bridge
cm.adgrx.com/ Frame F78D 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-3
generic
match.adsrvr.org/track/cmf/ Frame BC66
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2104953085
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2104953085
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 15 Dec 2022 09:04:25 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
RX51082837914e417bb8e49e849bc39952003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2104953085
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 53CC 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 09:04:25 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-a34bded5648a@version_1.531
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 1A20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=21029a4eb220e58c/gdpr=0/ Frame 0923
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=21029a4eb220e58c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=21029a4eb220e58c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXbaXRgWnhXXanVSj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.24.23

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=21029a4eb220e58c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXbaXRgWnhXXanVSj
cm
ipac.ctnsnet.com/int/ Frame 6182 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 15 Dec 2022 09:04:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
csync
sync.adtelligent.com/ Frame F509 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=7F402834-9BEE-4BA4-A84C-B9594D193165
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 09:04:24 GMT
Etag
080997fa4c676efe
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 84D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f0AoNJvuS6SoTLlZTRkxZQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 09:04:25 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=20696
accept-ranges
bytes
content-length
5549
expires
Thu, 15 Dec 2022 14:49:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 84D9 		95 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7F402834-9BEE-4BA4-A84C-B9594D193165
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
779e02ffe88e9049-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 84D9 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.182
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 84D9
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7F402834-9BEE-4BA4-A84C-B9594D193165
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7F402834-9BEE-4BA4-A84C-B9594D193165
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
via
1.1 google
last-modified
Thu, 15 Dec 2022 09:04:25 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7F402834-9BEE-4BA4-A84C-B9594D193165
date
Thu, 15 Dec 2022 09:04:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 84D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECSkYPa81TPojKqDCMjJpBU&google_cver=1
42 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECSkYPa81TPojKqDCMjJpBU&google_cver=1
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECSkYPa81TPojKqDCMjJpBU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 84D9 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 14 Dec 2022 09:04:25 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 84D9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6086994825254833814
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6086994825254833814
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6086994825254833814
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 84D9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 84D9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_87336f5f-7bf8-4a38-a726-fa52216eb481&bsw_param=865905ec-dccc-4e7e-a799-fdb4100d6922&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=865905ec-dccc-4e7e-a799-fdb4100d6922&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
7F402834-9BEE-4BA4-A84C-B9594D193165
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 84D9 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7F402834-9BEE-4BA4-A84C-B9594D193165?gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:1fd9:6969:7081:2e2b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 84D9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7F402834-9BEE-4BA4-A84C-B9594D193165&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vv_dgpJE2uUj3V.T87E6sRRudwyX1FQ-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vv_dgpJE2uUj3V.T87E6sRRudwyX1FQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vv_dgpJE2uUj3V.T87E6sRRudwyX1FQ-~A&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 84D9 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 84D9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 84D9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3591486919638650168&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3591486919638650168&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3591486919638650168&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 84D9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ea43cb5f-7609-4a33-a092-27fbd89faea6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ea43cb5f-7609-4a33-a092-27fbd89faea6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ea43cb5f-7609-4a33-a092-27fbd89faea6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 84D9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5437143918759245556
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5437143918759245556
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 09:04:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
AN-X-Request-Uuid
bab17624-de70-45ca-991e-a49e1a2510f8
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5437143918759245556
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
GS.d
js.cookieless-data.com/ Frame 3228 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1671095065574
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 09:04:25 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
Server
nginx/1.20.2
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
sync.html
rtb.prebid.adtarget.com.tr/ Frame 10BB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.prebid.adtarget.com.tr/sync.html
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.157.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.193.157.55.162.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
2a0eaf29238741dda58dd975d9385d9b2f530df3cf8e0a78fe089a0d6aea5218

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
W/"1190-1850fabf07a"
last-modified
Wed, 14 Dec 2022 08:06:44 GMT
server
nginx/1.20.1
vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame BB2C
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D737566%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=6086994825254833814
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=6086994825254833814
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 09:04:25 GMT
Etag
e137f4f9e17d9e90
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 15 Dec 2022 09:04:25 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=6086994825254833814
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 8F3D 		0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 09:04:25 GMT
Etag
e137f4f9e17d9e90
Server
Adtelligent
csync
sync.console.adtarget.com.tr/ Frame AB2A
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6086994825254833814
0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6086994825254833814
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 09:04:25 GMT
Etag
e137f4f9e17d9e90
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 15 Dec 2022 09:04:25 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6086994825254833814
server
nginx
cm-notify
creativecdn.com/ Frame 8FB9 		42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creativecdn.com/cm-notify?pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
content-type
image/gif
date
Thu, 15 Dec 2022 09:04:25 GMT Thu, 15 Dec 2022 09:04:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
csync
sync.adtelligent.com/ Frame 2CB1
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=e137f4f9e17d9e90
0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=e137f4f9e17d9e90
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Adtelligent
Etag
080997fa4c676efe
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=e137f4f9e17d9e90
Date
Thu, 15 Dec 2022 09:04:25 GMT
Server
Adtelligent
Etag
e137f4f9e17d9e90
Content-Length
0
1671010542350.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		1020 KB
1022 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010542350.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
9c534854874ac7f16a007c3e30fef837c474e50f757ade9d1c49977b981b78b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:25 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007cb0d1-00639a64cf-2a882d-eu-west-1
age
13
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-qeta-06
x-age
32287
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
1044152
x-77-nzt
AdRmOMFnvWX/H34AAA
x-accel-expires
@1671667578
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
HIT
etag
"f3e090565697999a069c26adaf18e79a"
x-77-nzt-ray
OQZUn9uYK6c
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
1671010546346.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010546346.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
dabfd43331f3d07d696de9630d3635df9b4ec7c2353ac3a5ed43a65605990787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:25 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007cb0eb-00639a64cf-2a882d-eu-west-1
age
13
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-leta-05
x-age
32117
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
1479560
x-77-nzt
AdRmOMG/Ka7/dX0AAA
x-accel-expires
@1671667748
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
HIT
etag
"9df59922412af2902cf44053451fff7a"
x-77-nzt-ray
okeggsoCoD8
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
id
id.sharedid.org/ Frame 10BB 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: rtb.prebid.adtarget.com.tr
URL: https://rtb.prebid.adtarget.com.tr/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.16.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-16-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.prebid.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://rtb.prebid.adtarget.com.tr
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:26 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
381.json
id5-sync.com/g/v2/ Frame 10BB 		216 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/381.json?gdpr_consent=&gdpr=0
Requested by
Host: rtb.prebid.adtarget.com.tr
URL: https://rtb.prebid.adtarget.com.tr/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
6d39f8601d1af317629ba77353db03eb0ba85ace77d7c1e83b860ed58b693e21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rtb.prebid.adtarget.com.tr/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://rtb.prebid.adtarget.com.tr
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 10BB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frtb.prebid.adtarget.com.tr&domain=rtb.prebid.adtarget.com.tr&bundle=&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=AP7f73wrRHRwNDlWZyt3VTJ1QkN5STVHSDVnOXQ1V2N2blN0aHF2UEFVWnNBZmNSSUxPYUFneGdXQ3pXT0lLc3BSNHRibXJNbk0xcDJ2RnlQcUJqSldwUHdCVzRuaGZzbnAvTUZ2amxhQXNRdlhKSHZwZy9LU2FHQWNmTm...
357 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=AP7f73wrRHRwNDlWZyt3VTJ1QkN5STVHSDVnOXQ1V2N2blN0aHF2UEFVWnNBZmNSSUxPYUFneGdXQ3pXT0lLc3BSNHRibXJNbk0xcDJ2RnlQcUJqSldwUHdCVzRuaGZzbnAvTUZ2amxhQXNRdlhKSHZwZy9LU2FHQWNmTmxSQ2JSSHFjVFVTVlAwSXN5bG50cGplNElVTXVZN0MrYzZzSzBDZ0IzUFRkVU4zTUMzMHAwVmd4VGE5YzFhaW1sNzRRbVpsR1dzZXpQUCthMXh1MkphRndLZUl6bCsrSllEWHFGNGVSd0dOQUNETk9HUmF2c3VWa3NXRnpjeXhvRENPUHZCcGFtfA&cppv=2
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fb0650c7bc5e9c20dd9bad9ca7ee46581cf3f48519ed35d31cb27266beb7b976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.prebid.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1424462
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=AP7f73wrRHRwNDlWZyt3VTJ1QkN5STVHSDVnOXQ1V2N2blN0aHF2UEFVWnNBZmNSSUxPYUFneGdXQ3pXT0lLc3BSNHRibXJNbk0xcDJ2RnlQcUJqSldwUHdCVzRuaGZzbnAvTUZ2amxhQXNRdlhKSHZwZy9LU2FHQWNmTmxSQ2JSSHFjVFVTVlAwSXN5bG50cGplNElVTXVZN0MrYzZzSzBDZ0IzUFRkVU4zTUMzMHAwVmd4VGE5YzFhaW1sNzRRbVpsR1dzZXpQUCthMXh1MkphRndLZUl6bCsrSllEWHFGNGVSd0dOQUNETk9HUmF2c3VWa3NXRnpjeXhvRENPUHZCcGFtfA&cppv=2
access-control-allow-origin
https://rtb.prebid.adtarget.com.tr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
666465
content-length
0
expires
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 9B0E 		0
0
rmphb
sync.1rx.io/usersync2/ Frame D6CF 		0
0
cm-notify
creativecdn.com/ Frame E794 		0
0
pbsync.html
js.adscale.de/ Frame 6B85 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame F225 		0
0
rmphb
sync.1rx.io/usersync2/ Frame 5726 		0
0
cm-notify
creativecdn.com/ Frame 7B50 		0
0
pbsync.html
js.adscale.de/ Frame F328 		0
0
setuid
prebid.adtarget.com.tr/ Frame 807B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&pu=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dpubmatic%26g...
  • https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
0
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
Requested by
Host: rtb.prebid.adtarget.com.tr
URL: https://rtb.prebid.adtarget.com.tr/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.157.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.193.157.55.162.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.prebid.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 15 Dec 2022 09:04:26 GMT
expires
0
pragma
no-cache
server
nginx/1.20.1
vary
Accept-Encoding Origin

Redirect headers

cache-control
private,max-age=86400
content-length
157
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:24 GMT
location
https://prebid.adtarget.com.tr/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&f=b&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.adtarget.com.tr/ Frame 2FA3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redir=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_con...
  • https://prebid.adtarget.com.tr/setuid?bidder=unruly&gdpr=&gdpr_consent=&f=b&uid=OPTOUT&us_privacy=
0
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.adtarget.com.tr/setuid?bidder=unruly&gdpr=&gdpr_consent=&f=b&uid=OPTOUT&us_privacy=
Requested by
Host: rtb.prebid.adtarget.com.tr
URL: https://rtb.prebid.adtarget.com.tr/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.157.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.193.157.55.162.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.prebid.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 15 Dec 2022 09:04:26 GMT
expires
0
pragma
no-cache
server
nginx/1.20.1
vary
Accept-Encoding Origin

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 15 Dec 2022 09:04:25 GMT
etag
OPTOUT
expires
0
location
https://prebid.adtarget.com.tr/setuid?bidder=unruly&gdpr=&gdpr_consent=&f=b&uid=OPTOUT&us_privacy=
pragma
no-cache
cm-notify
creativecdn.com/ Frame 951A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://creativecdn.com/cm-notify?pi=adtarget&redir=1
Requested by
Host: rtb.prebid.adtarget.com.tr
URL: https://rtb.prebid.adtarget.com.tr/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash

Request headers

Referer
https://rtb.prebid.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers
pbsync.html
js.adscale.de/ Frame BE8A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by
Host: rtb.prebid.adtarget.com.tr
URL: https://rtb.prebid.adtarget.com.tr/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:ce00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040

Request headers

Referer
https://rtb.prebid.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
376
cache-control
max-age=7200
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 08:58:11 GMT
etag
W/"9f4e83cc82a56a2a6e9851eeee2f9f34"
last-modified
Mon, 12 Dec 2022 02:57:58 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1bddae9b49dd524202e512c8a57980a0.cloudfront.net (CloudFront)
x-amz-cf-id
ZMYbzEDnXGVp3gUW0cyrsRIhT-Mr2sd9tOMHdSKmraOerYzi9bmDFg==
x-amz-cf-pop
NRT57-C3
x-amz-version-id
lN39_t6q8YZkCO_T_d6lv1tHr9hKgp.Q
x-cache
Hit from cloudfront
setuid
prebid.adtarget.com.tr/ Frame 10BB
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://prebid.adtarget.com.tr/setuid?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=6086994825254833814
86 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adtarget.com.tr/setuid?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=6086994825254833814
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Server
162.55.157.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.193.157.55.162.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.prebid.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:26 GMT
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-length
86
expires
0

Redirect headers

location
https://prebid.adtarget.com.tr/setuid?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=6086994825254833814
date
Thu, 15 Dec 2022 09:04:25 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
prebid.adtarget.com.tr/ Frame 10BB
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dbmtm%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.adtarget.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=865905ec-dccc-4e7e-a799-fdb4100d6922
86 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adtarget.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=865905ec-dccc-4e7e-a799-fdb4100d6922
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Server
162.55.157.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.193.157.55.162.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.prebid.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:26 GMT
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
content-length
86
expires
0

Redirect headers

location
https://prebid.adtarget.com.tr/setuid?bidder=bmtm&gdpr=0&gdpr_consent=&f=i&uid=865905ec-dccc-4e7e-a799-fdb4100d6922
date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame 24D0 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 8574 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
416173
video.gjirafa.com/Action/SaveView/ Frame B21C 		94 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/Action/SaveView/416173
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/signalr?v=ESzVmpNGv_aDeciqJ96y8azOIur4IPtZQ8UNy-umB6k1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a3f665fd38311a12d279f5099b71b69b3da7e6f32bb2fdf3e571f806bac5c77

Request headers

Accept
*/*
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAENLZVWE1qIlkPitxJG5F67LwcmZwkhHRGqz%2BWpfG1up4z4ZVQBvbdZWmB94XGVFyunsMYrpCw%2F4IcEJVZ2R4E%2FUnINcsKH4MfGlv7RMmpB%2BjaIXX4smFjeTCn98zmhE%2FP0"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
779e03029a819125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lajme.json
telegra.fi/storage/trending/hourly/ 		483 KB
123 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/lajme.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45bcb96d58ebbf58bf1fca9c58b3326289680d6e13f67a102f2bf156c73525bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:38 GMT
server
cloudflare
etag
W/"639ae2ae-78d31"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibNsVH%2Fi1eEl895Exf8ZCk4FK1OM1BCb4li57q%2Fw6W1AwFfcTwKR4SwmGv%2B6xpOvci77Xk7DtSbVE5rukFksfa6Xf7GdjX4vUVPyFzqWqXBGpffPdzA1KQNjkTZmoRyBOy5m0V80uGFJ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033ba7cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
bote.json
telegra.fi/storage/trending/hourly/ 		650 KB
152 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/bote.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273ae9ec1f3ea9fc943970fa7a6ad22d2403eb75f102317351236c4b62a521d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:57 GMT
server
cloudflare
etag
W/"639ae2c1-a294d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ef0T4lMKghY3zSFe596j0gTwiCU3TkUEtLm4bHftmy4XS8yEvabj5C422wOlJ6HmFjSlkBzbcm0W%2BXpBInrnps7kZNq6z%2BgXxR04YhEcAuNxF0TrnpBFZ2JJi80977wbAQdO%2BFA%2Bt%2B1"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033bb1cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ekonomi.json
telegra.fi/storage/trending/hourly/ 		357 KB
88 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/ekonomi.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9620b40f89d1e064d435bb41cfae0a4477595fff9bb4cea8ba7217a12c47784

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:39 GMT
server
cloudflare
etag
W/"639ae2af-5944b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv93paAgXiIAhkQpvC4ygHzM7%2FZQLsqJiO947V%2B2OWu6KjBRNiRKtqsMQZZpsUNt74qq1JB6S9kiUTS428TwC3gNV4tBrI%2FIi5FgaSXuPkCarOrlR4eYah3zMdQQY64%2BOP%2B6jEKGK6ze"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033bb0cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
kultura.json
telegra.fi/storage/trending/hourly/ 		206 KB
65 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/kultura.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7072f55713cf3691a2fe2016690f86efcbc53ef7632267b02465e90bdaff5b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:49 GMT
server
cloudflare
etag
W/"639ae2b9-3382d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqadBBrW5ly%2BHSC77iYyGmQdhMMYnW6X0QCIvJpMwR0Mfa2NEUtVxiuZC0oEvW48Rynd8eP29jFhz%2B9x%2Fmgi80NqAi6vw%2B0hwVD33SilwVOkdmtvUsZvtUECiulB2l7DGauy34SNs5Vq"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033bb2cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
sport.json
telegra.fi/storage/trending/hourly/ 		428 KB
103 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/sport.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba16308b9257b263c09cea8c98930db11c0a0e4ed9eddd6a0967c8a0e74b433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:41 GMT
server
cloudflare
etag
W/"639ae2b1-6b1de"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fcqBTzXR5TpGxxrjUydpa%2F2oa3rcZgZoY1mwijI9K%2BLPlT4nL8vShRjqRAtubwoIySzpC8Opb72K9Q3fWUrFd5jfcpL92RjazjGhZTyHfVWgaARqy38yYajfxgWGDkEmpU5ME%2B5YGXS"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033ba5cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
magazina.json
telegra.fi/storage/trending/hourly/ 		640 KB
100 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/magazina.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06a7dd5298693f7b79994d18c6261580c41065317e08555844f3dab606275eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:43 GMT
server
cloudflare
etag
W/"639ae2b3-a01d2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AXsfI60lqaejIsuTGRH4PioguWxywdr3nLB1bbGDJ%2Bkn6d37xjx%2FlpxCG%2BlP2g6xQ%2FwV2BfbB0xR8IdE74PHZD5jpzfDpxPSNlqXJU85fwGsEWHUODiNGdIm2ao9EcqNLdRQNBsyAPz"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033ba4cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
femra.json
telegra.fi/storage/trending/hourly/ 		229 KB
51 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/femra.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1c076dbd3912a5807a7dc95af0c12f34c92f90af7256fdfa482a8e9478d889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:50 GMT
server
cloudflare
etag
W/"639ae2ba-394ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5YsTvNQ%2BjK96WWKojJykMDD1AscI3k4BnM3masjpbYfCoYssiK7ry0a7o%2BdyJw%2BU9iaH3440vH9N3OBrTVXoBWE%2B2%2FoYGF2URe2iu7TIrrWx8QTlisaGXp%2BLElJ0rnHQxUuUX%2FmgTfG"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033ba2cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
stil.json
telegra.fi/storage/trending/hourly/ 		167 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/stil.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b04e2b4936cb6c67772d17bf309b3d707072cc4b78849c2620eb114f52f22a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:52 GMT
server
cloudflare
etag
W/"639ae2bc-29cef"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjs6mwoOEHfK4vXqPrDzyk4upn6IzjBlYsE1gnNmbtUWtb3mJzufU6W4X5Q7sbgQXDIF6KpAiezRMTmL48Ze%2FELNTvnKqUMgfkZn105bi2r7845q%2F3iYtH%2FEByaQeOOyCQ3259dV6eI9"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033ba1cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
shendetesi.json
telegra.fi/storage/trending/hourly/ 		548 KB
147 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/shendetesi.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b2c437647bfe581cf2d101a3c7625f9a6c9260116a31c0c51d451435d7ed1b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:47 GMT
server
cloudflare
etag
W/"639ae2b7-890cf"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HdHdwcoLe%2FD1pSFdyNvU%2FqKlZXZsd%2Fr1NeBMD5IZ435guBUoa6Z7Z89KVtYOg68pIpfW65yrDf80rkkGGYSIr7cJU0Hct84uQS3bLuDkgA9tsFwf1TgeaxhoX%2FBwx4XPBsUZzMlSICE"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033ba8cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
auto.json
telegra.fi/storage/trending/hourly/ 		42 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/auto.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
672ad3899570fcee857a310ca1c38d4d5ff2647dd305377255951fdad3721286

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:55 GMT
server
cloudflare
etag
W/"639ae2bf-a982"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YX0oWz%2F1JRbHTn0YJxSLHWHAWbda3yuA8DsZWYGktZGcL3%2FnIxJpm6nHJd0OSoR3HHz4ehJy0iYe7M55cO8FQzjG9NzyTFOBlSln73VjfOoaFJtLPHscP%2Bp7kbfODY2Q7UvByJx%2F97oW"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033ba9cae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
teknologji.json
telegra.fi/storage/trending/hourly/ 		48 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/teknologji.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0b4af96a3f7b7fe7a62c83430ea2d8b80bec7276f0d574d2c1f2dcbc3090dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:44 GMT
server
cloudflare
etag
W/"639ae2b4-bf25"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhVxSaZp3SimiIAXrzaN9Vx9qz1H5le0wHYHiVK11DDlny17OUTnozGO9vg3xhOr2LEwk%2Bpijs3D7oRXgaTq1iCBP95Xm9RiYYDdWVbbWur3VJRZuZ1ApPro%2FOzFD6HMDnsTfk%2BrC9Z5"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033babcae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
fun.json
telegra.fi/storage/trending/hourly/ 		143 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/fun.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e76f322fd620908a0b5abfa5e61201a56f815203706911327b7aa71d02c95e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:46 GMT
server
cloudflare
etag
W/"639ae2b6-23ddc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFYJU0hdTx1uzVv%2FzWi2MuV2OrdsHNiqodmUSVgQbfRK9d0rVwX40jIlmV6KSVRgOGvZXul4g9bjy0%2FhZ7X8iC205aaKVZWFBJl1ukhUv8RXItxo2iVisMzLwTbd%2F8Zuvdcy06SfwUVw"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033baecae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
kuzhina.json
telegra.fi/storage/trending/hourly/ 		77 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/trending/hourly/kuzhina.json?v=2022-12-15T09:04:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/assets/js/main.min.js?ver=0.4.38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5642e7c763fecdd8d82b39285f1c56f387b5a2f9db8e4621351589b48aa97e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 09:02:54 GMT
server
cloudflare
etag
W/"639ae2be-13411"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSNeTJzqY4Xvr5eTqGoyvS2meD1dKMX8k2Wq%2F32j8rfHRo5MyRC49tbADmEFvaBRR6EKivJI%2BSjVpYtgKiUXZg1qWeOCxMDhUHtaBAX8gZFxetfStnXDIws%2FA0hNi%2Fu9Rb1Iop%2FdAAuh"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cf-ray
779e03033bafcae1-DUS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
web
bisko.gjirafa.tech/api/v1/events/ Frame B21C 		72 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/api/v1/events/web
Requested by
Host: bisko.gjirafa.net
URL: https://bisko.gjirafa.net/web/gjirafa-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b3f27b38b91442bd4021a63fb1ef8ed0fae5f1c13bc00f45ce97a43689ccf061

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhyL5HW6HBUZ05StB%2F2T%2BAEzKaWCWB7NadU70Baxms4YPw3apR3hhg6l1KM2LjdB5FLRXqDhqw8QtHY0cRzk5XN7qRYhZ5LPeP7ev%2Fpg%2FTvlXQIxKNWWE%2BAVwttvcKHesw8blA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://video.gjirafa.com
access-control-allow-credentials
true
cf-ray
779e0303fab55c9e-FRA
web
bisko.gjirafa.tech/api/v1/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/api/v1/events/web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://video.gjirafa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://video.gjirafa.com
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
779e030389d95c9e-FRA
date
Thu, 15 Dec 2022 09:04:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ps1tm7u0ruQQ2cSqd7HitDPDsOQ1lY%2Bwn8Mqr%2FuJkMHX4hJwKcyrraelziY2R%2B1JgadN4JJ%2BTUiquCgMlOrs5MDOq2sBb4iHqwEfoTunLv2ctaW0hiwgiYP2H5JwGaPJaYAzFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
09-051843-every-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/09-051843-every-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2605e447e9d35d51ec72f840c4a3d22a9ddb7efd33aa184fce5519a36fb53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
35092
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24837
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 23:17:52 GMT
server
cloudflare
etag
"639a59a0-6105"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2z6ndnWRLSJQX6H8sjxoAiPk0EcF6XgWgWHNRHIDWAqU3fZ7ZV7RptYF2xbtIUkYabpLhDHBxzW6%2B2rLSqrFH26VP57oUimm2918Sbc9MxtYPmFJaqAnRjk8KgRHC5cMsvH%2FA36P7LvOr1ep"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03040abe926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 23:19:06 GMT
female-with-blue-eyes-covered-with-white-blanket-royalty-free-image-1031144532-1559581956-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/female-with-blue-eyes-covered-with-white-blanket-royalty-free-image-1031144532-1559581956-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c391ddc95cb172b8d8951cad22e2dbd257bb184ebe755f73f1070e650171779c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
36418
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14612
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 22:51:03 GMT
server
cloudflare
etag
"639a5357-3914"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcu82HI3GR%2Bf3PjFgDhtLLDpJviTCeHRuqxZoVDvMxHJ6ZW2ItiC%2B4Euz6gykWtu3VXZi%2FC3r1W3OLYakKYPjRvEaVMkPhOpJl3MQfKVu%2Fu9mCZb%2Fq3%2Bk2auusuis0QN2c1h1vq3JWqV1Kbn"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03044b21926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 22:53:59 GMT
widgetv3.html
cdn.izooto.com/newshub/ 		84 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/newshub/widgetv3.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af74546145c32a5d0ee118eab2e754610a8a3697b0eec32f386d24f25545ccb
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 13:22:49 GMT
server
cloudflare
age
1423515
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
779e03051ef5913d-FRA
x-xss-protection
1; mode=block
expires
Sun, 15 Jan 2023 09:04:26 GMT
web
bisko.gjirafa.tech/api/v1/events/ Frame B21C 		72 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/api/v1/events/web
Requested by
Host: bisko.gjirafa.net
URL: https://bisko.gjirafa.net/web/gjirafa-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b3f27b38b91442bd4021a63fb1ef8ed0fae5f1c13bc00f45ce97a43689ccf061

Request headers

Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dYQZw2oxsLJx78vBCljXRPUMHILMj5XcZOsDXMCWsWy8YgieSiZNUggWCHXAwv6lcaMjXAhkTCd3yrv09R5SzDtdaXR4UxCwPX9mP4tcqd9b9i7GRx52uv8En4As%2BKKZ9Vt9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://video.gjirafa.com
access-control-allow-credentials
true
cf-ray
779e03055d3a5c9e-FRA
web
bisko.gjirafa.tech/api/v1/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bisko.gjirafa.tech/api/v1/events/web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://video.gjirafa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://video.gjirafa.com
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
779e0304bc155c9e-FRA
date
Thu, 15 Dec 2022 09:04:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yvj27HkjMe0hAkd8PpWiKglBYhAc%2BrL9deVmzvq%2Bll2XNsifVXrbp8oE8TRSD77kFeWWC3ckvM%2BwKNNpWHYWhrZ3HHJAPgme01jrnOfXO2QAN5IjTLlNfOldzuBjwhqT1GXDSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
ptrack
a.audrte.com/ Frame DB0F 		368 B
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.218.20&p=M1353665098&artime=2022-12-15T09:04:26.353Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dGVsZWdyYWZpLmNvbS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d7f35e0f30835a31a886851631773a1ff31624261932d266ef413165f4bd30e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
transfer-encoding
chunked
Access-Control-Allow-Credentials
true
Connection
keep-alive
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame DB0F 		155 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 00:45:54 GMT
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
53797
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
RhW6TgYXhpXDtrWn_WJyk_ej9nHVQ_F2k-BfzKUnESo35_LEC3iDMw==
ivksi-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/ivksi-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7caafcd4f20d38f449e069be27e1b0ac73e0d306eecd6647e74a1ec689c9044d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44884
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17538
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 20:31:53 GMT
server
cloudflare
etag
"639a32b9-4482"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jb9FCewAMHKDHdufgQbkaFpkznaFpJoqu963lk03XBUuMVYHBfFxLg0N%2BYHLDFG6%2BygjWmpsmTDO3ihQksiWKfG31ByXKsyOvcjUiyZKkNB4jL4bFNAlezf2CdBD5hEV4s65B%2FIhMu4EEH6n"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304cbe7926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 20:32:57 GMT
Screenshot_9-10-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_9-10-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
782533b40447e6fd5605e3b3110dd6963ff20968dec5d26392234923cbf990cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
127460
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19736
pragma
public
cf-bgj
h2pri
last-modified
Tue, 13 Dec 2022 21:36:52 GMT
server
cloudflare
etag
"6398f074-4d18"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KwypTv804GoHNxfZeCq7oBGXtJhEZUs4HBr0engGGYiR2d2VEDN4M4886hJTVs8KuevRmRN4sfDjhG5aMwEg%2BQz%2Be8xCKgFGYVH94Pl6WHGeniKyNoX%2F97kLYsQc38pP%2Fl03RG2zkAJPNdb"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304dbf7926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 13 Dec 2023 21:38:55 GMT
Screenshot_9-10-150x150.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_9-10-150x150.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe359c7b023096aa10969ca13ef360752254d442d55a089369425629d9283492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
127342
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6328
pragma
public
cf-bgj
h2pri
last-modified
Tue, 13 Dec 2022 21:36:52 GMT
server
cloudflare
etag
"6398f074-18b8"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfDSUaTREPuaHj0ACTp%2FB%2BfHKuOg09JaVSLLnSSbxpIzuEeZ7utMAVd%2Bfeoar1q4NZ0DMUuEBcWJfxbiZcX5Sel19sBK%2BnAPfOuQGB7CuxVSfdqql7Dx4MXFz7u9UP2tVLXyeIW9uO4gzmq1"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304dbfd926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 13 Dec 2023 21:36:52 GMT
dalic-1-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/dalic-1-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f313d74e6900ebed442c0aee18f603dfa5a52dcccd786e6f34ed748990659391

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88828
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20320
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 07:31:49 GMT
server
cloudflare
etag
"63997be5-4f60"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ou7TnW2BK7Aro%2Bp7txuR9XgRw87Ui8IgwpiS0wRwRrPiuaNVl%2BfXln2%2BnTVLfFwEb%2BYYlJJsuhITJFBd9UOQ49mZKX6xTJ3jHkuPoTFJAB1STznKt34z3nRFOX1UaFmgKtIX3pWuuLDvDQdu"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304dbff926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 08:22:06 GMT
dalic-1-150x150.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/dalic-1-150x150.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebe9b09d8aa6ba756372a6b4e07a3585ada4349b3e94b47a7a294f7ea25c15e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90876
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6640
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 07:31:49 GMT
server
cloudflare
etag
"63997be5-19f0"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfDVUdU0%2FjJdj9aldRCo2NeWzDSQsjVMVcYzyJYMHZiwboZsxMQIkUpBhYa41WDt9t5%2Fi%2FIqIaMyLa%2FGzq5LPb29eEeSH0a8VfpvEzrVAL67F7XKbUSlUt1xU%2Ft13x3V5Flkr83u3tOLOr7O"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304dc00926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 07:31:49 GMT
sigurimi-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/sigurimi-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f71ff5721d63a70f33ffc743fa795b2b15573645198c98bd4f3a320e6394b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66587
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22684
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 14:31:18 GMT
server
cloudflare
etag
"6399de36-589c"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nX4jhk9ewHZlwf5Q8k%2BeOHQnQd3mef6KizuJGYqTpw7t33ZvolGq%2FEOuHgGQhFZgOJJNzu5biKcRphg6aGzMR2%2BfgrMLXqS09jsUu8Q5cyGzv4M%2BVVagm2EkKvZuXEYzRrrMFM8plkBZrfC9"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304dc02926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 14:33:05 GMT
sigurimi-150x150.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/sigurimi-150x150.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0e28ae6fd5ff00d93343c0aff72f35205a377d59d38507a45b21d4ac5f105f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66560
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7119
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 14:31:18 GMT
server
cloudflare
etag
"6399de36-1bcf"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVjeSAoRaESO7Cvk%2BrshVE5%2FvlMmHVjvyxQdFG%2BcKW9rq8W76%2B1Jp5KBULHP2az7j1t7XE9W6c7tSa1W%2Bes%2FRJBq0ld2zt9P5KnVZuUuSHNesPHMxY4YhOa63iJa0hCKY9JZOqZyecxW7dhA"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304dc03926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 14:31:19 GMT
Josko-Gvardiol-1-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Josko-Gvardiol-1-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fda3c2a26891701963aebeffd5d742a2d5de3b0a2a3f9e9f3053efabd3cf2d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78813
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28746
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 11:08:27 GMT
server
cloudflare
etag
"6399aeab-704a"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8veUGeNHP5Y%2F8HL5IZfX8q3j%2FrDabpZe6llQcrC2LeCjzieiQ6WU3mMzKume5sRRUIlOCUsugX%2BWWNhrGpQFSskmgXhMKXRVqBziOgX681SPrZdJ6yOhZOUWdP2DDlTed1vV3zzDapKzIQh"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304dc05926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 11:09:19 GMT
Josko-Gvardiol-1-150x150.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Josko-Gvardiol-1-150x150.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c29a376df7b0a419b1643eb83d428185f408de5f99238a09d9cf75a807533f2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77943
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9430
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 11:08:27 GMT
server
cloudflare
etag
"6399aeab-24d6"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oT9pH5PtcYMUKnROgkycjWo84ndQdgAjD7ObRUkkQMGZKZCRoT9HWBs8tsejPLOM00EBVPPllfJoZbkBTrZfM5xj5rkRDva1FYTJSbthZ5lw7UnE0SwpQFyqtehJwxx4Nm%2FyP4utXHxMoke"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e0304dc06926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 11:08:29 GMT
Screenshot-2022-12-14-200941-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot-2022-12-14-200941-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14dcf5604890552f58368810e1b3a0a33f9e4a168d245d0131ff1edc4248cc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
49987
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25650
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 19:08:12 GMT
server
cloudflare
etag
"639a1f1c-6432"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GJxWBoL57QUwi0eqkZWk0pjbVpSNgp83wxere%2BSZM2bU3HkGmF9xsGgxcaMQU3I0TCbqI1QxptsTzPmpMQgFSsih%2BGK3auQz7s%2BMNGZBUpV1qrIaofTOLmYPWiALKfMfwnBxoS2n6k5WJNR"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03051c6d926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 19:09:15 GMT
data
bcp.crwdcntrl.net/6/ Frame DB0F 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4cb2b696559c50c649d30f5a4c1a3cc78b15cac2fd6d50f362626187094a1acb

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.21.25
access-control-allow-credentials
true
content-length
60
expires
0
wife-looking-on-amusingly-as-husband-snores-380x233.jpg
telegrafi.com/wp-content/uploads/2017/11/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/11/wife-looking-on-amusingly-as-husband-snores-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3cb7a3c9d4207f1a9a9933df877aaa25960e8d7bc91067210e6f40649e11e70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31195
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14791
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 23:55:50 GMT
server
cloudflare
etag
"639a6286-39c7"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ol8E2rX%2FegB3LonleRIPGdcvyCss4xSMRc8X3JV76GrkqZ9EQcUmoHA39ZoySkx7CgVymqZUTEkIrftixQ9vlzJSmhDP33S1jMLBmZ3MpNtyXkzBeVZTSBtl0859ZR50KocnTyn8MidtS3ot"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03054cba926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 23:58:22 GMT
femija-380x233.jpg
telegrafi.com/wp-content/uploads/2017/09/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/09/femija-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7309563f69317eacf45270be692b935c811d4262d49c7f8d5d7877ff56a84ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18089
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15684
pragma
public
cf-bgj
h2pri
last-modified
Wed, 13 Sep 2017 14:27:43 GMT
server
cloudflare
etag
"59b9405f-3d44"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpofpVUBuwVvq7uASymi4Ff%2FD0bZMFhUwMPlqTPNq%2F48rb5j%2Bcr80%2FMgPQt0pSisIZXV%2Fhv1qzMDyehxMJqotq2iOsOeObkvoK9kvsBxJkZmuDXTzRvd2rq2zAJLwWV%2B632eq1Z9d3Xbu4Ef"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03054cc0926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 15 Dec 2023 04:02:45 GMT
1-91-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/1-91-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d247402b05cddfe0b07d3da95a89c7a4793eb3fe0df3254ce1d854425143a11b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70761
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31389
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 13:21:48 GMT
server
cloudflare
etag
"6399cdec-7a9d"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43z98lTiSPLsZck93STJBxaMa2UjdLJq91r%2FLXKUBHmZVq1QaoPRfAGSFrkjhL3MQul94Vrxn7IRuDGSk%2BPvoSZCU2%2BD78z0yc167vABOmqFu85dx3y%2BdQhBM8Lh1T%2FZNU3qh%2FXrSyHrHoQe"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03054cc3926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 13:22:57 GMT
Veraa-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Veraa-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7fd5a6f773ff501870442385b9659b0b21f4b2ed4003b9ed9f05bb4597cecb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
502656
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15186
pragma
public
cf-bgj
h2pri
last-modified
Fri, 09 Dec 2022 13:17:58 GMT
server
cloudflare
etag
"63933586-3b52"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxuKnXN6OT1EUwFFxBi7p6EYKdfE9Aa5VzDj2GCmHKfDbjBoTtbLZvL8BZYR0Ktt2auJQvw2LODGBuyxNhlJrKCG1J1qqyRudHDtnu4%2FWs3k39XcjFIpiAD1i4n%2F3vyx%2FtBJfmS76nIdk82v"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03054cca926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 09 Dec 2023 13:24:44 GMT
195397_shutterstock-45646495_ls-380x233.jpg
telegrafi.com/wp-content/uploads/2019/07/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2019/07/195397_shutterstock-45646495_ls-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46196187d2b447b8e346959ff3465993db2b0918a7541a8ee8bac69a26eda5b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117899
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25790
pragma
public
cf-bgj
h2pri
last-modified
Thu, 25 Jul 2019 08:00:43 GMT
server
cloudflare
etag
"5d3961ab-64be"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ankKz9UolxeeWUkoia5EoxPmPLAiWYXlug1BGkZnA5rctA8kZ4fLaenVEQTsR71fBZ5XvqZFCA6O1HjZHdHcJbIiR52hlVJG0CcEyfLOku8%2B%2B2nxW4V0eUhF5COIdbkKU4w2Lo79UPWgPwlO"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03054cce926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 00:19:27 GMT
Screenshot_8-18-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/Screenshot_8-18-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e96039ac7e15c811f8d6469d9420bd062a7a1574adbf798f4179bdf9dab83fa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40643
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11141
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 21:46:05 GMT
server
cloudflare
etag
"639a441d-2b85"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot5bkxLGCh5lcFO4ExP7CzNJoWGw2dvakanrpoXKrV%2FTVKmQCdeK%2BoaViCF1a1STHauxlrrtjb34ghcu21945XBCL%2F75F%2BaejXqGSaL%2FC835y0QLCzT7xvSwUVaWgVu7AztADjt%2FDxMsyRne"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03054cd6926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 21:46:56 GMT
Greg-Delawie-Ambasadori-i-ShBA-ve-foto-ridvan-slivova-5-380x233.jpg
telegrafi.com/wp-content/uploads/2017/09/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2017/09/Greg-Delawie-Ambasadori-i-ShBA-ve-foto-ridvan-slivova-5-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8906e11af051c14e06bf37bc863b3ba5bcddacfdbdebc5df776d631742089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
139155
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11744
pragma
public
cf-bgj
h2pri
last-modified
Wed, 20 Sep 2017 20:59:07 GMT
server
cloudflare
etag
"59c2d69b-2de0"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tr11f7XM9RBDRZjrLme9kNPBhA1SKHC72Fx0vrFlGfGzOMPBd36G9WHb6RZWZR4ktkb419qG1H2JdWC7092ENxK8atDPqBwYeQkYEkjSLSDw7iYBixl9sxxKaARLAaHlEnq2sx6HY2buatgQ"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03057d17926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 13 Dec 2023 16:59:05 GMT
mitro02-380x233.jpg
telegrafi.com/wp-content/uploads/2022/12/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/12/mitro02-380x233.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be824253d1179f3d5448a3d75ee9699060e7bea3b6991c1c8edb87370b0fc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60339
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21529
pragma
public
cf-bgj
h2pri
last-modified
Wed, 14 Dec 2022 15:05:17 GMT
server
cloudflare
etag
"6399e62d-5419"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnrN3AkBqJs%2FwoK6LOkOGJTuwnEZNUqVzKuoEvXrfguJQ0M1Gqh%2F7a1ta9ER7Xl4VNf02lR7or3zDM7SKwmmawdXc0w%2FsYMPkc%2FMNsYGEroGsB1DPiDbkxkW2Qdlkc5o0lC7WA%2FQM7Uwp74G"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31556952
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
779e03058d20926b-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 14 Dec 2023 16:04:20 GMT
p
a.audrte.com/ Frame DB0F
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6086994825254833814
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame DB0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent=&google_gid=CAESEKunyg1NxGz_XSSoIYeePgY&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame DB0F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
latest.json
nh.iz.do/nh/b3bda2c1959a528ce1dc87b77391f300e4e01317/ 		558 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nh.iz.do/nh/b3bda2c1959a528ce1dc87b77391f300e4e01317/latest.json
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc8031c5fec6a062cf0a19a11bb9f4d1b35b7dc0e5cde817a809f4dd99d6e4f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Dec 2022 18:00:36 GMT
server
cloudflare
age
1454
etag
W/"639a0f44-22e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
779e030749079152-FRA
x-xss-protection
1; mode=block
expires
Thu, 15 Dec 2022 09:24:26 GMT
1671010550344.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010550344.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
4d27acc0f4d2aa1fdcc6264782051bc30bf4d2f64e92bac73aa0d759d38d3c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:26 GMT
x-cache-op
HIT
x-amz-request-id
tx0000000000000007cb106-00639a64d0-2a882d-eu-west-1
age
4
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-leta-05
x-age
32117
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
1876428
x-77-nzt
AdRmOMG8kx7/dX0AAA
x-accel-expires
@1671667749
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
HIT
etag
"475f50dafdae1dab492103b5c7c6c590"
x-77-nzt-ray
Vs//sJ4JXVI
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
ptrack
a.audrte.com/ Frame B896 		368 B
899 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.114.218.20&p=M1353665098&artime=2022-12-15T09:04:26.910Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
373a7a391ebb5e83270af187fca04fbe04f214612258c2cea3c426945964bd04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:26 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame B896 		155 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 00:45:54 GMT
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
53797
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Mon, 21 Nov 2022 18:31:37 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
accept-ranges
bytes
x-amz-cf-id
mitc1jm1kS8iAn9_PJrh1OwgcBcORRASqpNcxAxsubTeKu7TZGp3zg==
ViewContent
bisko.gjirafa.com/tr/ Frame B21C 		68 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/ViewContent?guid=75fcad9c44b54a429d01fb51e13d7d3262ff5352325b4ab38c9c337055fed969&sd=4dbfeaa91c44468ab85fbc15379412e7&t=1671095067008&v=5.1&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&c[0].name=Gjirafagg%20-%20CCT%20South%20Europe%20Series%20%232%20Play-in%20Stage&c[0].e[0].k=live&c[0].e[0].v=false&c[0].e[1].k=showSeries&c[0].e[1].v=Play%20in&c[0].e[2].k=showName&c[0].e[2].v=GjirafaGG%20&c[0].e[3].k=hostName&c[0].e[3].v=GjirafaGG%20&c[0].category=Gaming%2CT%C3%AB%20tjera%2CSport&c[0].id=95887&c[0].type=video&c[0].e[4].k=loggedin&c[0].e[4].v=false&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:27 GMT
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNWlJ9%2Fybtiw7ONf6X8qZP2p90wf85KiYS0hA8HZ7bikRYaIVx6kzrD4%2BYDwJGWcTAVgX3FiM68X8dulwHzmOLcSaUySAzhHliGRN7o298rKOd7ryIVhErHJ%2ByfT3rr61l3y"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
779e0308d8a19125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
p
a.audrte.com/ Frame B896
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent=&google_gid=CAESEKunyg1NxGz_XSSoIYeePgY&google_cver=1
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:27 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 15 Dec 2022 09:04:27 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame B896
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6086994825254833814
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:27 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 15 Dec 2022 09:04:27 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame B896 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=78bStFTLX6yTxSA3ifTBJhVEA&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:27 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
data
bcp.crwdcntrl.net/6/ Frame B896 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-187-82.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
847c277866c86ff4c59b99c54c9f9fcff08af42d1f055bdfa71fd005d0856d83

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:27 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.1.48
access-control-allow-credentials
true
content-length
60
expires
0
1s
bisko.gjirafa.com/tr/ Frame B21C 		68 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bisko.gjirafa.com/tr/1s?guid=75fcad9c44b54a429d01fb51e13d7d3262ff5352325b4ab38c9c337055fed969&sd=4dbfeaa91c44468ab85fbc15379412e7&t=1671095067279&v=5.1&c[0].id=95887&c[0].name=Gjirafagg%20-%20CCT%20South%20Europe%20Series%20%232%20Play-in%20Stage&c[0].type=video&c[0].url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&&u=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:27 GMT
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXZrR5YzTpd4Gy53uhWS%2Bv%2B3Xztw%2BC%2BGxcpJjy4cLj7%2BqgjM71kpFoYHvxDdiQtDz80J2J%2BWJD6XM6Fmt%2BBSosgAcnGY86s%2FZjlW3z9dkHdiQUXaGoG%2Big8C6ruaF28Q9vfH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private
content-disposition
attachment; filename=bisko.jpg
cf-ray
779e030a8c409125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
SPug
simage4.pubmatic.com/AdServer/ Frame 84D9 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:25 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
uu
ih.adscale.de/ Frame BE8A
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1671095067
  • https://ih.adscale.de/uu?cbfn=receive&t=1671095067&nut&uu=0f1aa06eb2ac45e9b674e4a46b5a902f
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1671095067&nut&uu=0f1aa06eb2ac45e9b674e4a46b5a902f
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8a8df5e0f3808a11dd1c91bb2c05ac262c8779785f8e2d7ab03191306ecc73d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:27 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1671095067&nut&uu=0f1aa06eb2ac45e9b674e4a46b5a902f
date
Thu, 15 Dec 2022 09:04:27 GMT
content-length
0
userconnect.js
js.adscale.de/ Frame BE8A 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:ce00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
mJj.iG2JCV2KJpIe5RjVulvQbtBtVSnw
content-encoding
br
via
1.1 1bddae9b49dd524202e512c8a57980a0.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 08:58:10 GMT
last-modified
Mon, 12 Dec 2022 02:57:58 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
379
etag
W/"988fbfb6c270a6080f89deb043243858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200
x-amz-cf-id
VgOiOONDiOD5z1dreRkF7wPLobPUlzQa0HlFQl0qF93duqlJXycVtg==
setuid
prebid.adtarget.com.tr/ Frame BE8A 		0
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adtarget.com.tr/setuid?bidder=stroeerCore&gdpr=0&gdpr_consent=&f=b&uid=0f1aa06eb2ac45e9b674e4a46b5a902f
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.157.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.193.157.55.162.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:28 GMT
server
nginx/1.20.1
vary
Accept-Encoding, Origin
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
userconnect
ih.adscale.de/ Frame BE8A 		150 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1671095068291&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7ee63047267db98895abbc28e0a956b375c4b752f83ff94651cd5d3b139d9c3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:28 GMT
content-length
150
content-type
application/javascript
map
ih.adscale.de/ Frame 0C6F 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4356f4b69fae0e7e1674a98f1e0e0be219f00ee64c82019b4ec220ba4942f45e

Request headers

Referer
https://js.adscale.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2792
content-type
text/html;charset=ISO-8859-1
date
Thu, 15 Dec 2022 09:04:28 GMT
match.js
js.adscale.de/ Frame 0C6F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2142:ce00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
oBv6KPS2aRr5Pa6mbh596b2tJhlVqDkJ
content-encoding
br
via
1.1 1bddae9b49dd524202e512c8a57980a0.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 08:58:16 GMT
last-modified
Mon, 12 Dec 2022 02:57:58 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C3
age
373
etag
W/"ff7cce9128150bd82f1a709c03692e3d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200
x-amz-cf-id
9mF5T0_Vj_LX-u9dC4xK5ONqiRFiM-FXoCegnq9j06SSMAF1SDG23g==
PugMaster
image6.pubmatic.com/AdServer/ Frame 5E65 		849 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16755751&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f443b82705b6746e2ce556eaf314ef3335b4aab13f82bfd2b84960c474d12418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 09:04:26 GMT
content-length
849
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame F4EA
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A023190BF3FB4BC492F8481C00562A8C&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A023190BF3FB4BC492F8481C00562A8C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 09:04:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 15 Dec 2022 09:04:28 GMT
expires
Wed, 14 Dec 2022 09:04:28 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A023190BF3FB4BC492F8481C00562A8C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
csync
sync.adtelligent.com/ Frame 3FBC 		0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=7F402834-9BEE-4BA4-A84C-B9594D193165
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 15 Dec 2022 09:04:27 GMT
Etag
080997fa4c676efe
Server
Adtelligent
p
a.audrte.com/ Frame 5E65
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7F402834-9BEE-4BA4-A84C-B9594D193165
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-105-161.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 09:04:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 15 Dec 2022 09:04:28 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 5E65
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7F402834-9BEE-4BA4-A84C-B9594D193165&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7F402834-9BEE-4BA4-A84C-B9594D193165&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7F402834-9BEE-4BA4-A84C-B9594D193165&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:28 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:27 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=7F402834-9BEE-4BA4-A84C-B9594D193165&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 5E65
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7F402834-9BEE-4BA4-A84C-B9594D193165&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7F402834-9BEE-4BA4-A84C-B9594D193165&addseg=19,36,42
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Dec 2022 09:04:28 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=7F402834-9BEE-4BA4-A84C-B9594D193165&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
generic
match.adsrvr.org/track/cmf/ Frame 5E65
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=895c55aa4d3dc4fce8984ef1ab6900cf&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 09:04:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
img
ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/ Frame 0C6F
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=0f1aa06eb2ac45e9b674e4a46b5a902f&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e13722305de%2F1671095068335%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?tpid=101&tpuid=BBID-01-03458090687280972-16788348
49 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?tpid=101&tpuid=BBID-01-03458090687280972-16788348
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Thu, 15 Dec 2022 09:04:28 GMT
content-length
49
content-type
image/gif

Redirect headers

location
https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?tpid=101&tpuid=BBID-01-03458090687280972-16788348
date
Thu, 15 Dec 2022 09:04:28 GMT
cache-control
private, max-age=3600
access-control-allow-credentials
true
server
nginx
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0C6F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=c9102cea5479312962af16815...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Y5rjGLRqg4TjQCUNTyudDwAA%261148
49 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Y5rjGLRqg4TjQCUNTyudDwAA%261148
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Thu, 15 Dec 2022 09:04:28 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOWs7DCJEuzE1RZCV10xdhpU1UB9cfSlA4gV4gd2nV4KA7NMuULc7lwfPD1t5qF23fvNz3deLj4TGWw5mEMq%2Be8EnGiDHpCKVo113KXG4Y26e0KlW9ALKnuC8oHunZ1ks1HjNLbL"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=Y5rjGLRqg4TjQCUNTyudDwAA%261148
cache-control
no-cache
cf-ray
779e0313df8c996e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0C6F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=78af7ee7d6f358694d9a479...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=4b17639a-e31a-4900-87c7-761a3664b2c3&gdpr=0&gdpr_consent=
49 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=4b17639a-e31a-4900-87c7-761a3664b2c3&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Thu, 15 Dec 2022 09:04:29 GMT
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 15 Dec 2022 09:04:28 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x9 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=4b17639a-e31a-4900-87c7-761a3664b2c3&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 09:04:27 GMT
img
ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/ Frame 0C6F
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=01eb2851921a43675404bf218a76dae733e658dbd03e865aa049d05b176251fd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834dadb1919e...
  • https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?tpid=42&gdpr=0&tpuid=6086994825254833814
49 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?tpid=42&gdpr=0&tpuid=6086994825254833814
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Thu, 15 Dec 2022 09:04:29 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?tpid=42&gdpr=0&tpuid=6086994825254833814
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0C6F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=87302320-08a9-4f98-905f-6de411b0f66e&gdpr=0
49 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=87302320-08a9-4f98-905f-6de411b0f66e&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Thu, 15 Dec 2022 09:04:29 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:29 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=87302320-08a9-4f98-905f-6de411b0f66e&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2132129
content-length
0
expires
Thu, 15 Dec 2022 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 0C6F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=7ca605a7bbba8629eb53a90c...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=4b17639a-e31a-4900-87c7-761a3664b2c3&gdpr=0&gdpr_consent=
49 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=4b17639a-e31a-4900-87c7-761a3664b2c3&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Thu, 15 Dec 2022 09:04:29 GMT
content-length
49
content-type
image/gif

Redirect headers

Date
Thu, 15 Dec 2022 09:04:29 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=4b17639a-e31a-4900-87c7-761a3664b2c3&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 09:04:28 GMT
img
ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/ Frame 0C6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=45a2973d2439e12a48c788416e968cff602ad637c77affaf10126fcd7c34ec3a&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e...
  • https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?uid=45a2973d2439e12a48c788416e968cff602ad637c77affaf10126fcd7c34ec3a&tpid=38&gdpr=0&tpuid=CAESEKE8PNcHpsjyKqDRu0vv8m8...
49 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?uid=45a2973d2439e12a48c788416e968cff602ad637c77affaf10126fcd7c34ec3a&tpid=38&gdpr=0&tpuid=CAESEKE8PNcHpsjyKqDRu0vv8m8&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Thu, 15 Dec 2022 09:04:29 GMT
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 09:04:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/img?uid=45a2973d2439e12a48c788416e968cff602ad637c77affaf10126fcd7c34ec3a&tpid=38&gdpr=0&tpuid=CAESEKE8PNcHpsjyKqDRu0vv8m8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/ Frame 0C6F
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=2c2788a96d1de0a39edf1aa537c093498870c378d75691f5b5ee45cb64688938&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c73834d...
  • https://tracking-a.dsp.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=2c2788a96d1de0a39edf1aa537c093498870c378d75691f5b5ee45cb64688938&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2Fe7e4961c...
  • https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/js?tpid=48&tpuid=1a41594e7d0e19d064cc564c466b2bba
44 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/js?tpid=48&tpuid=1a41594e7d0e19d064cc564c466b2bba
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
086b1b1c8aabf9d102160f6f23d6f00d6313994cc942fb924226b30f8471198c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP=NOI PSA OUR
date
Thu, 15 Dec 2022 09:04:30 GMT
content-length
44
content-type
text/javascript

Redirect headers

location
https://ih.adscale.de/sium/e7e4961c73834dadb1919e13722305de/1671095068335/0/js?tpid=48&tpuid=1a41594e7d0e19d064cc564c466b2bba
date
Thu, 15 Dec 2022 09:04:30 GMT
content-type
text/plain; charset=utf-8
content-length
147
vary
Accept
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sium
ih.adscale.de/ Frame 0C6F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.28.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Frtb.prebid.adtarget.com.tr%2F&gdpr=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Thu, 15 Dec 2022 09:04:30 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
SPug
simage4.pubmatic.com/AdServer/ Frame 5E65 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 09:04:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
1671010554354.ts
ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/ Frame B21C 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ub1doy938d.gjirafa.net/media/zyk0zy/hls/1080_60/1671010554354.ts
Requested by
Host: video.gjirafa.com
URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.102.56.194 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
768270621.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c21a826975534a2bdfdac25fff6219fe31a38a8cd2120a87b19d775047196892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://video.gjirafa.com/embed/gjirafagg-south-europe-play-in-1?autoplay=true&am=true&c=1&m=1&utm_source=telegrafi&utm_medium=embed&utm_campaign=cct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 15 Dec 2022 09:04:30 GMT
x-cache-op
HIT
x-amz-request-id
tx000000000000000685028-00639a64d3-2a8896-eu-west-1
age
0
x-cache
HIT
x-77-cache
HIT
x-gjcs-server
gjcs-leta-05
x-age
32117
alt-svc
quic="212.102.56.193:443"; ma=2592000; v="44,43,39"
content-length
1920420
x-77-nzt
AdRmOMF6bMj/dX0AAA
x-accel-expires
@1671667753
last-modified
Wed, 14 Dec 2022 23:53:49 GMT
server
CDN77-Turbo
x-gjcs-cache
MISS
etag
"6db52108a9af0c36a5040498686298db"
x-77-nzt-ray
pzUx2ZYcgxM
access-control-max-age
0
vary
Accept
content-type
video/MP2T
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS, POST
x-rgw-object-type
Normal
x-gjcs-backend
UB1DOY938D_storage-gjvideo-blobgjirafatech_80
cache-control
public, s-maxage=604800
accept-ranges
bytes
access-control-allow-headers
Range, Authorization
nhwimp
nhwimp.izooto.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nhwimp.izooto.com/nhwimp
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://telegrafi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 09:04:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779e03262857913d-FRA
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify.alexametrics.com
URL
https://certify.alexametrics.com/atrk.gif?frame_height=206&frame_width=367&iframe=0&title=Gjirafagg%20-%20CCT%20South%20Europe%20Series%20%232%20Play-in%20Stage%20-%20GjirafaVideo&time=1671095062942&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Ftelegrafi.com%2F&host_url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&random_number=812056534&sess_cookie=ec0945c91851507119ee5fb7802&sess_cookie_flag=1&user_cookie=ec0945c91851507119ee5fb7802&user_cookie_flag=1&dynamic=true&domain=gjirafa.com&account=FSv0l1aIF5y3zM&jsv=20130128&user_lang=en-US
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&pu=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%23PMUID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmphb?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redir=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%5BRX_UUID%5D
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=adtarget&redir=1
Domain
js.adscale.de
URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&pu=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%23PMUID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmphb?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redir=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%5BRX_UUID%5D
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=adtarget&redir=1
Domain
js.adscale.de
URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fprebid.adtarget.com.tr%2Fsetuid%3Fbidder%3DstroeerCore%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontentvisibilityautostatechange object| __cfQR object| globalAmlAds object| dataLayer object| bp object| playerSlots string| playerCdn function| gtag string| GoogleAnalyticsObject function| ga object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| admixTMLoad object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| $ function| jQuery function| onYouTubeIframeAPIReady object| gaGlobal function| _classCallCheck function| _defineProperties function| _createClass function| Sticky function| close_video_ad function| avideo function| putReklamatBack function| injectfokus function| closestForFokus function| volumeControlFN function| nativeClick function| hasExternalLink function| deleteVideoPopup function| processNative function| processFokus boolean| isMobile function| Swiper boolean| apstagLOADED object| apstag object| TWAGORAINARTICLE function| __tcfapi function| __uspapi object| _taboola object| hb_dmx_res object| gaplugins object| gaData function| AdPlayerPro function| playerPro function| lightGallery function| lgThumbnail object| _io_config object| _izq function| postscribe object| google_tag_manager_external object| relevantDigital object| pbjs object| pbjsChunk object| _pbjsGlobals object| __io object| container undefined| _izAlt object| _iz object| izConfig function| fbAsyncInit object| __tagmanjsonp__ undefined| google_measure_js_timing object| admixTM object| _qevents object| google_optimize object| TRC object| _tblConsole undefined| msg function| iFrameResize object| ProjectAgora object| FB function| _izooto object| regeneratorRuntime function| __tcfapiui function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| __buffer function| quantserve function| __qc object| ezt object| _qoptions object| webVitals object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| Adform object| _adform object| adformtag object| _fscope function| fbq function| _fbq function| ClipboardJS object| Article object| Breaking number| screen_width number| screen_height function| calculatePosition function| popup function| fbShare function| twShare function| menuShare function| viShare function| messengerShare function| linkCopy function| videoSwiper function| initSwiper object| mobile object| tablet object| desktop object| swiperItems boolean| initVal function| swiperMobileModule function| swiperInit function| changeGalleryImage function| initGalleryImage number| fokus_offset number| offsetBy function| timeSince function| string_to_slug function| loadAds number| timeIndex object| shifts function| timestamp function| stickyAd object| stickyContainer undefined| sticky function| cityChange object| lgContainer function| initLightGallery function| realEstateSearch function| _calculateScrollbarWidth object| Menu object| ModuleTrending object| MostRead function| decodeHtmlEntity object| Related object| SocialCount object| Tabs object| Trending object| ZgjedhjetKomunale function| HTML5Player function| BPlayer function| BPlayerUI function| empty function| htmlspecialchars_decode number| l_left number| t_top function| triggerPopup function| getQueryStringParameter function| updateQueryStringParameter function| getCookie function| subscribeSubmit object| wp function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_run_759511334890 boolean| ai_js_code object| excludeIds boolean| __cfRLUnblockHandlers object| criteo_pubtag object| criteo_pubtag_132 object| Criteo object| Criteo_132 object| criteo_syncframe_state object| jQuery1110002847600187320176 function| loading function| ai_process_lists function| ai_process_ip_addresses function| ai_document_write string| selector_string object| heatmap undefined| _adform_cb_1671095064311_32064292741246736 function| html2canvas function| _open object| admixerC boolean| pushed object| aml function| arrive function| unbindArrive function| leave function| unbindLeave

172 Cookies

Domain/Path Name / Value
video.gjirafa.com/embed Name: _bisko
Value: c1e9d8334ba54d4baddb27e81eb37356
.admixer.net/gadx Name: am-uid
Value: b2011afcd891426d91d8cb1b5922e995
.admixer.net/bs Name: am-uid
Value: 8239a9ee1cca4bc0b5955f1db4d45e84
www.telegrafi.com/ Name: uid
Value: M1NW9GOa4xar9FEIP3ZkAg==
telegrafi.com/ Name: uid
Value: M1NW9GOa4xar9FEIP3ZlAg==
.video.gjirafa.com/ Name: _abPercentage
Value: 40
.video.gjirafa.com/ Name: _mgTraffic
Value: C
.gjirafa.com/ Name: __gjci
Value: 457eb92c5cd8470daca67f980a1abc5c
.gjirafa.com/ Name: Locale
Value:
.gjirafa.com/ Name: __ftr
Value: 2022-12-15 10:04:21
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6086994825254833814
.ads.futureads.io/ Name: am-uid
Value: 9bf13ff6806e41b5b6c9a5d24ce946ba
telegrafi.com/ Name:
Value: store.test
.telegrafi.com/ Name: _ga_VLYQGEH6F0
Value: GS1.1.1671095063.1.0.1671095063.0.0.0
.telegrafi.com/ Name: _gid
Value: GA1.2.267557253.1671095064
telegrafi.com/ Name: _io_ht_r
Value: 1
.telegrafi.com/ Name: __io_d
Value: 1_705468254
telegrafi.com/ Name: __io_lv
Value: 1671095063692
telegrafi.com/ Name: __io
Value: c5ca8b842.35177b262_1671095063692
.telegrafi.com/ Name: __io_session_id
Value: cc066e79b.ade562a9e_1671095063693
.telegrafi.com/ Name: __io_nav_state42744
Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22telegrafi.com%22%2C%22previousDomain%22%3A%22%22%7D
telegrafi.com/ Name: __io_unique_42744
Value: 15
telegrafi.com/ Name: __io_visit_42744
Value: 1
.telegrafi.com/ Name: _gat
Value: 1
.telegrafi.com/ Name: _ga_GGFDBX585G
Value: GS1.1.1671095063.1.0.1671095063.0.0.0
.telegrafi.com/ Name: _ga
Value: GA1.1.990110800.1671095064
.izooto.com/ Name: IZCID
Value: ac5d51b0-1048-4584-99af-ff3861ac86a1
.gjirafa.com/ Name: __gjbi
Value: 948b579ed3664909be2bdb2a32269b19
bisko.gjirafa.com/ Name: __session
Value: 395b93a8ff314ba98229d6472c71deda
.telegrafi.com/ Name: _fbp
Value: fb.1.1671095064332.903140669
telegrafi.com/ Name: am-uid
Value: 9bf13ff6806e41b5b6c9a5d24ce946ba
.bidswitch.net/ Name: tuuid
Value: 865905ec-dccc-4e7e-a799-fdb4100d6922
.bidswitch.net/ Name: c
Value: 1671095064
.bidswitch.net/ Name: tuuid_lu
Value: 1671095064
.exchange.buzzoola.com/ Name: uuid
Value: 800002ce-f30d-4238-55b6-b31ca135e2e5
ads.us.e-planning.net/ Name: CT
Value: 1
a4p.adpartner.pro/ Name: apuid
Value: 03671d7b-c76f-45e5-984a-378b66f28e2a
.e-planning.net/ Name: E
Value: AN69wlFJ0l1S9LCY
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7F402834-9BEE-4BA4-A84C-B9594D193165
.doubleclick.net/ Name: IDE
Value: AHWqTUnPvjCLRaahbNVWP3Bwrp_C4cL3xMCtMT92gd9JA_Gic4E69OA_mYfrK_J-6dg
.adnxs.com/ Name: uuid2
Value: 5437143918759245556
.lemmatechnologies.com/ Name: uid
Value: 78c97ab0-7c57-11ed-8bc6-801844df0ab8
.zeotap.com/ Name: zc
Value: 00902228-87bf-4289-6537-a3d3ccee921c
.casalemedia.com/ Name: CMID
Value: Y5rjGLRqg4TjQCUNTyudDwAA
.casalemedia.com/ Name: CMPS
Value: 1148
.casalemedia.com/ Name: CMPRO
Value: 1148
.tapad.com/ Name: TapAd_TS
Value: 1671095065026
.tapad.com/ Name: TapAd_DID
Value: ed5c6ab2-9b09-4437-af51-2e5547bed36d
.yandex.ru/ Name: yuidss
Value: 3004752231671095065
.yandex.ru/ Name: yandexuid
Value: 3004752231671095065
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adfarm1.adition.com/ Name: UserID1
Value: 7177298652685596820
.dpm.demdex.net/ Name: dpm
Value: 59855220362446940511907137209735770751
.demdex.net/ Name: demdex
Value: 59855220362446940511907137209735770751
.weborama.fr/ Name: AFFICHE_W
Value: LNbTUusmn0ss76
.openx.net/ Name: i
Value: 99df40cc-9fff-4f8e-a1c7-b9e9141c5315|1671095065
.zeotap.com/ Name: zsc
Value: %C0%EC3%7F%5D%E4%B1%D1%12%9E%21%B1%AB%F2%8C%D2%A4_%98%C6%93%D2%DE%B2%A7f%10W%11%F4%CD%05IG%F2U%BA%26%99o%07%05%B2%CD%CE%87A%FFU%FE%A0%5C%07%C6lR%25%DA%CC6%3A%23%01k%F2%F8g%9FB%02%1Fd%D3%25%22%850ojv%7Bo%CC%0A%CA%DE%04%E2%90%83%8B%CED5%9DE%C3%CD%3D%29%3C%81R%ED%3F%CC%B0%3Dw%7Dw%3D%8Fs%14%90%C0%FB%40%3A%F0%BB%2A%2F%B4S%A7%F5%3F8%03%C1%B5%BD%40%D5v%16%5E%7F%03Z%E98%85A%88%7BJR%81~1-7%07%BDR%28%04%3A%D4%18C%80K%AD%D2%2CK
.w55c.net/ Name: wfivefivec
Value: bm1s1DLl1P5Kad5
.agkn.com/ Name: ab
Value: 0001%3AzCl6mA9Kq5Gygo0XYyRqu475W%2FAr7B79
.creativecdn.com/ Name: u
Value: 7YscRU30lWl4FVvFejMh
.creativecdn.com/ Name: ts
Value: 1671095065
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: ff63c8ee-81a7-525d-adad-625cce378145
.betweendigital.com/ Name: ss
Value: 1
.tidaltv.com/ Name: tidal_ttid
Value: ad90d04a-560c-48b8-9d12-20ea82e4961c
.richaudience.com/ Name: avcid-zeo-uid
Value: 00902228-87bf-4289-6537-a3d3ccee921c
.krxd.net/ Name: _kuid_
Value: PQkmTFNS
.adtelligent.com/ Name: vmuid
Value: 080997fa4c676efe
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-29b44e60-c44f-3551-a10c-3085bf4315be
.w55c.net/ Name: matchcasale
Value: 5
.telegrafi.com/ Name: __cf_bm
Value: bLqxOjf4yooFMFPytBSRjaNAxFV0YTMVSdP_lBo2XSU-1671095065-0-AdThGInW0eX9ev2spfa1Tc6QGtNxEbsZOm6acnXZ+lMcNHe+tW3Og73QxkV8pwyO0tqoTgk6jKVhc8yv1OOBR2lw5AtPFgGsRMpeEVA1SCoMoMwmb2A9vAXIIEW+Z+R906RtRGPmLdmx5x6b0JEY7Yg=
.adx.opera.com/ Name: UID
Value: OPU61bfd8c3836940f4a59f3635a5589137
.admixer.net/ Name: am-uid
Value: b2011afcd891426d91d8cb1b5922e995
.360yield.com/ Name: tuuid
Value: 00bfa135-716c-4be1-9b60-990dd91424bf
.360yield.com/ Name: tuuid_lu
Value: 1671095065
.betweendigital.com/ Name: ut
Value: Y5rjGQAM0UAtFczbCL51ORd2um5ZKBKY1zoBtg==
.yahoo.com/ Name: A3
Value: d=AQABBBnjmmMCECvjj2zy1Ai2-goN03rS7ecFEgEBAQE0nGOkYwAAAAAA_eMAAA&S=AQAAAv4H31ynJ4uZn8vDoewxqes
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjY2sjK0MAIAks/ycQkAAAA="
.adtelligent.com/ Name: a319130
Value: 318a6ac9-e17b-4d63-a3c3-2f67944bf23b
.adtelligent.com/ Name: a307558
Value: 03671d7b-c76f-45e5-984a-378b66f28e2a
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5rjGQAEKU9NwQAp
.adtelligent.com/ Name: a297253
Value: 5437143918759245556
.adtelligent.com/ Name: a584890
Value: 5437143918759245556
.fwmrm.net/ Name: _uid
Value: "h8035_7177298652682506764"
.quantserve.com/ Name: d
Value: EI8BCwHoJ_ijAA
.quantserve.com/ Name: mc
Value: 639ae319-8c4c5-4ca1c-d57bd
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-51082837-914e-417b-b8e4-9e849bc39952-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.csync.loopme.me/ Name: viewer_token
Value: eae953ac-ef31-4415-bca3-8a108a863879
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~28ux:18z8~28ux"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo&KRTB&19420-B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo&KRTB&22979-B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo&KRTB&23403-B86VuVTOneEcxc_sUsiB7FKcnbscmZnvU5ltBITo
.adtelligent.com/ Name: a309255
Value: 73adf05a-8fe7-4390-909d-b114f160a265
.company-target.com/ Name: tuuid
Value: f9e95bfd-1e4c-4083-b4be-0b6e5c7fa727
.company-target.com/ Name: tuuid_lu
Value: 1671095065
.amazon-adsystem.com/ Name: ad-id
Value: AzGl072iJ0pQrWG7ARolMcM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adtelligent.com/ Name: a307971
Value: AN69wlFJ0l1S9LCY
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECSkYPa81TPojKqDCMjJpBU&KRTB&16514-CAESECSkYPa81TPojKqDCMjJpBU&KRTB&23025-CAESECSkYPa81TPojKqDCMjJpBU&KRTB&23386-CAESECSkYPa81TPojKqDCMjJpBU
.ctnsnet.com/ Name: cid_b31e0c948e994d0d90d15fe923105297
Value: 1
.bidr.io/ Name: bito
Value: AACprU7HNcYAACNG3IaU1Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsby.bidtheatre.com/ Name: __kuid
Value: ea43cb5f-7609-4a33-a092-27fbd89faea6.440309065
.simpli.fi/ Name: suid
Value: A023190BF3FB4BC492F8481C00562A8C
.turn.com/ Name: uid
Value: 3591486919638650168
.de17a.com/ Name: guid
Value: 1.6376616859132444119
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7177298652685596820&KRTB&23278-7177298652685596820&KRTB&23369-7177298652685596820
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6086994825254833814&KRTB&23263-6086994825254833814
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5437143918759245556&KRTB&23339-5437143918759245556
.adtelligent.com/ Name: a289656
Value: 00bfa135-716c-4be1-9b60-990dd91424bf
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_87336f5f-7bf8-4a38-a726-fa52216eb481
ads.playground.xyz/ Name: connect.sid
Value: s%3AMqzzZjaMFkQxDfcUfjOKdanEMfmEH-yP.hDfekB6yz7Qeil%2BV831qxJvDphKHW6bRmnuPtX4ykG4
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3591486919638650168&KRTB&23150-3591486919638650168
.adtelligent.com/ Name: a281178
Value: 7F402834-9BEE-4BA4-A84C-B9594D193165
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6376616859132444119
.onaudience.com/ Name: cookie
Value: 21029a4eb220e58c
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-865905ec-dccc-4e7e-a799-fdb4100d6922
.adtelligent.com/ Name: p440467
Value: b2011afcd891426d91d8cb1b5922e995
.console.adtarget.com.tr/ Name: vmuid
Value: e137f4f9e17d9e90
.adtelligent.com/ Name: a318342
Value: e137f4f9e17d9e90
pa.tns-ua.com/ Name: uid
Value: Z23F6455B0744639ADA18D21ABC19D1D
.console.adtarget.com.tr/ Name: a307565
Value: ${UID}
.console.adtarget.com.tr/ Name: a737566
Value: 6086994825254833814
.console.adtarget.com.tr/ Name: a307457
Value: 6086994825254833814
pool.admedo.com/ Name: tuuid
Value: 247fa1b9-406c-4acc-a8db-2e02257696c4
pool.admedo.com/ Name: c
Value: 1671095065
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cc4714e2-793f-4ccc-7e5d-32055018e00e.kojNLk82fHHYgIrX3kb1d4H%2BqHh2PoubbUnAtGTCxyY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzEcU4nk_TMx-XTIFUBjgDtly2hQ.FUEj2Ls6fN6XOceJApTk634HDMz%2FP1YnQegUYXmdox8
.adtarget.com.tr/ Name: adm-id5id
Value: { "created_at": "2022-12-15T09:04:26.015546753Z", "id5_consent": false, "original_uid": "0", "universal_uid": "0", "link_type": 0, "cascade_needed": false, "privacy": { "jurisdiction": "gdpr", "id5_consent": false}}
pool.admedo.com/ Name: tuuid_lu
Value: 1671095066
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d64732986c02c4d8
.tribalfusion.com/ Name: ANON_ID
Value: a8nseFw5EGjAaINQeEsKCnF5UBZcIUZdmvDissAJbtKDArBSPEM5kdCRpjSM6jPSUT0o2AnZcNOtqSMY01BmoZbZc
.adtarget.com.tr/ Name: adm-cto
Value: {"bundle":"unqe3l9ZT3pKVGp6b3pvU3Bjem1IeW5JYTdkZ1lFWVh4Wk5KMTBNTmNqREN2aXdkRHpHSjhnSmc2TFlaRlNBcW1TT2VjYkd1N01NaE9vZXlmUHpmQXoxMWZ6YmR6bTUwMmtMc0w4ZGtGNTJGcUNUJTJGMFBKSDRNNXlzV3RiJTJGaTl2QVc0WEg","bidId":"as0c319raVlvVE9FcmxSN00yZXhEYlZBOFduaU12cjVsVXZDUDRUSU13dTcyUkh0MHBxam1kUDJIQlpCY0QlMkJQNVVBNmxzQklGc20lMkJxdzQlMkJTdEJTeFpVV0YxdyUzRCUzRA","pixels":[]}
.smartadserver.com/ Name: pid
Value: 1121704355552526551
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACprU7HNcYAACNG3IaU1Q
.go.sonobi.com/ Name: HAPLB8S
Value: s8547|Y5rjH
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACprU7HNcYAACNG3IaU1Q
.pubmatic.com/ Name: PugT
Value: 1671095066
.adtarget.com.tr/ Name: adm-sharedid
Value:
.admixer.co.kr/ Name: __auid
Value: 651693937daeb38847a050d5006ee8f8
.admixer.co.kr/ Name: __puid_103
Value: 9bf13ff6806e41b5b6c9a5d24ce946ba
.admixer.co.kr/ Name: __id_utm
Value: 20221215
.admixer.co.kr/ Name: __id_inf_103
Value: 0_9bf13ff6806e41b5b6c9a5d24ce946ba
.eyeota.net/ Name: SERVERID
Value: 20708~DM
.audrte.com/ Name: arcki2_ddp
Value: CAESEKunyg1NxGz_XSSoIYeePgY!20220908!1671095066568
.audrte.com/ Name: arcki2_adform
Value: 6086994825254833814!20220908!1671095066583
.mathtag.com/ Name: uuid
Value: 4b17639a-e31a-4900-87c7-761a3664b2c3
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:2f17639a-e319-4b00-bea5-3a5a540521a7&KRTB&16736-uid:2f17639a-e319-4b00-bea5-3a5a540521a7&KRTB&23019-uid:2f17639a-e319-4b00-bea5-3a5a540521a7&KRTB&23208-uid:2f17639a-e319-4b00-bea5-3a5a540521a7
.audrte.com/ Name: arcki2
Value: 78bStFTLX6yTxSA3ifTBJhVEA!20220908!1671095066973!ip#217.114.218.20
.adscale.de/ Name: uu
Value: 0f1aa06eb2ac45e9b674e4a46b5a902f
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: DPSync3
Value: 1672272000%3A226_221_219_201_227_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1672358400%3A35%7C1672272000%3A214_220_161_176_88_13_55_251_8_81_204_99_56_21_54_233_22_166_234_3_238_7_71_165_243%7C1676246400%3A69%7C1673654400%3A203%7C1671926400%3A63%7C1671667200%3A2_15_223
.fiftyt.com/ Name: fifid
Value: db5ee13a-37dd-49f5-62e3-673afbb2c99d
.fiftyt.com/ Name: cs
Value: MTY3MTA5NTA2OHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fEn23LCBNDpneN2W_RBQU7klkBJsRJQhz9dzLQe7LXle
.onaudience.com/ Name: done_redirects161
Value: 1
.audrte.com/ Name: arcki2_pubmatic
Value: 7F402834-9BEE-4BA4-A84C-B9594D193165!20220908!1671095068588
.semasio.net/ Name: SEUNCY
Value: 3B35E0D1B62738F4
.adtelligent.com/ Name: a558003
Value: 7F402834-9BEE-4BA4-A84C-B9594D193165
.fiftyt.com/ Name: fppm
Value: 20221215090428
.onaudience.com/ Name: done_redirects147
Value: 1
prebid.adtarget.com.tr/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNjA4Njk5NDgyNTI1NDgzMzgxNCIsImV4cGlyZXMiOiIyMDIyLTEyLTI5VDA5OjA0OjI2LjEwNDEzNjA1MloifSwicHVibWF0aWMiOnsidWlkIjoiN0Y0MDI4MzQtOUJFRS00QkE0LUE4NEMtQjk1OTREMTkzMTY1IiwiZXhwaXJlcyI6IjIwMjItMTItMjlUMDk6MDQ6MjYuNjE4ODU2Njg5WiJ9LCJzdHJvZWVyQ29yZSI6eyJ1aWQiOiIwZjFhYTA2ZWIyYWM0NWU5YjY3NGU0YTQ2YjVhOTAyZiIsImV4cGlyZXMiOiIyMDIyLTEyLTI5VDA5OjA0OjI4LjQyNDA0ODYzNFoifX0sImJkYXkiOiIyMDIyLTEyLTE1VDA5OjA0OjI2LjEwNDExOTFaIn0=
.casalemedia.com/ Name: CMTS
Value: 2135
.criteo.com/ Name: uid
Value: 87302320-08a9-4f98-905f-6de411b0f66e
.adscale.de/ Name: cct
Value: 1671095069627
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1671095070370
.m6r.eu/ Name: id
Value: 1a41594e7d0e19d064cc564c466b2bba
.ih.adscale.de/ Name: tu
Value: 4#3026863217#48~1a41594e7d0e19d064cc564c466b2bba~464193~0~0#101~BBID-01-03458090687280972-16788348~464193~0~0#38~CAESEKE8PNcHpsjyKqDRu0vv8m8~464193~0~0#39~4b17639a-e31a-4900-87c7-761a3664b2c3~464193~0~0#40~87302320-08a9-4f98-905f-6de411b0f66e~464193~0~0#42~6086994825254833814~464193~0~0#108~4b17639a-e31a-4900-87c7-761a3664b2c3~464193~0~0#63~Y5rjGLRqg4TjQCUNTyudDwAA&1148~464193~0~0
.pubmatic.com/ Name: SPugT
Value: 1671095069

14 Console Messages

Source Level URL
Text
network error URL: https://certify.alexametrics.com/atrk.gif?frame_height=206&frame_width=367&iframe=0&title=Gjirafagg%20-%20CCT%20South%20Europe%20Series%20%232%20Play-in%20Stage%20-%20GjirafaVideo&time=1671095062942&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Ftelegrafi.com%2F&host_url=https%3A%2F%2Fvideo.gjirafa.com%2Fembed%2Fgjirafagg-south-europe-play-in-1%3Fautoplay%3Dtrue%26am%3Dtrue%26c%3D1%26m%3D1%26utm_source%3Dtelegrafi%26utm_medium%3Dembed%26utm_campaign%3Dcct&random_number=812056534&sess_cookie=ec0945c91851507119ee5fb7802&sess_cookie_flag=1&user_cookie=ec0945c91851507119ee5fb7802&user_cookie_flag=1&dynamic=true&domain=gjirafa.com&account=FSv0l1aIF5y3zM&jsv=20130128&user_lang=en-US
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://video.gjirafa.com/bundles/hls/v/1/2/5?v=mDCKfIWAcTdu04MeBOTCK9LBXH8uwnyU_9mncCX8vrU1(Line 4)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=00902228-87bf-4289-6537-a3d3ccee921c&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=00902228-87bf-4289-6537-a3d3ccee921c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7F402834-9BEE-4BA4-A84C-B9594D193165&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5rjGQAEKU9NwQAp&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0yOWI0NGU2MC1jNDRmLTM1NTEtYTEwYy0zMDg1YmY0MzE1YmUQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MWFmMTgxYTYxMTQ3ZjE0OSZ1aWQ9dWEtMjliNDRlNjAtYzQ0Zi0zNTUxLWExMGMtMzA4NWJmNDMxNWJlMgIaDjgB
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=21029a4eb220e58c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXbaXRgWnhXXanVSj
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=00902228-87bf-4289-6537-a3d3ccee921c&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=00902228-87bf-4289-6537-a3d3ccee921c&reqId=210753a0-6c48-42c1-40e2-b740131ccb58&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=zEcU4nk_TMx-XTIFUBjgDtly2hQ
Message:
Failed to load resource: the server responded with a status of 502 ()
rendering error URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Message:
Error: <path> attribute d: Expected number, "…237 12.6028C53.7he3 12.2978 53.7…".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.futureads.io
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adx.adform.net
aghtag.tech
an.yandex.ru
analyticsvideo.gjirafa.com
ap.lijit.com
aud.pubmatic.com
audit-tcfv2.cmp.quantcast.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidswitch-eu.splicky.com
bisko.gjirafa.com
bisko.gjirafa.net
bisko.gjirafa.tech
bn01.er.bemail.it
c.amazon-adsystem.com
c1.adform.net
c1.futureads.io
cdn.admixer.net
cdn.izooto.com
cdn.jsdelivr.net
cdn.onthe.io
cdn.polyfill.io
cdn.taboola.com
central.gjirafa.com
central.mall.tv
certify-js.alexametrics.com
certify.alexametrics.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.iqzone.com
cs.mobfox.com
cs.yellowblue.io
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu6.heatmap.it
eus.rubiconproject.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gjstatic.blob.core.windows.net
google-analytics.com
green.erne.co
gum.criteo.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id.sharedid.org
id5-sync.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
ipac.ctnsnet.com
js.adscale.de
js.cookieless-data.com
loada.exelator.com
loadeu.exelator.com
m.trafmag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.new-programmatic.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
nh.iz.do
nhwimp.izooto.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pahtuo.tech
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.adtarget.com.tr
ps.eyeota.net
pubmatic-match.dotomi.com
quantcast.mgr.consensu.org
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.com.ru
rtb.openx.net
rtb.prebid.adtarget.com.tr
rules.quantcount.com
s.adtelligent.com
s.amazon-adsystem.com
s.company-target.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s1.v-player.net
scripts.futureads.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
serving.stat-rock.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.go.sonobi.com
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
tarantula.gjirafa.net
telegra.fi
telegrafi-cdn.relevant-digital.com
telegrafi.com
test.cmp.quantcast.com
token.rubiconproject.com
track.adform.net
tracking-a.dsp.m6r.eu
tracking.m6r.eu
trc.taboola.com
tt.onthe.io
u-ams03.e-planning.net
u.heatmap.it
ub1doy938d.gjirafa.net
uipglob.semasio.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
video.gjirafa.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.telegrafi.com
x.bidswitch.net
certify.alexametrics.com
creativecdn.com
image8.pubmatic.com
js.adscale.de
sync.1rx.io
103.229.205.242
104.18.33.19
104.22.39.196
104.26.1.156
104.26.15.190
13.224.195.78
13.32.27.107
141.94.171.212
141.94.171.215
141.94.242.204
142.250.185.162
142.93.168.226
144.76.120.254
146.0.227.108
146.0.227.109
147.75.85.234
149.202.74.47
151.1.205.165
151.101.129.44
151.101.130.49
157.90.157.235
159.65.196.12
162.19.138.118
162.55.120.196
162.55.157.193
162.55.233.28
167.235.33.113
172.64.154.237
173.231.181.122
178.250.0.163
178.250.2.146
18.156.0.31
18.158.138.18
18.159.155.47
18.193.28.75
18.193.52.247
18.196.15.33
18.198.69.109
18.66.147.47
183.110.238.136
184.24.9.113
184.30.209.152
185.15.245.82
185.172.90.249
185.172.90.252
185.184.8.90
185.239.172.58
185.239.172.66
185.46.149.20
185.64.189.110
185.64.189.115
185.64.189.229
185.64.190.80
185.64.190.81
185.80.39.216
185.86.137.132
188.40.115.112
188.42.196.115
193.200.65.6
194.213.62.34
194.247.175.26
195.5.165.20
198.148.27.139
198.47.127.18
198.47.127.20
199.115.119.227
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.234.175.175
209.191.163.210
212.102.56.194
212.129.3.112
212.82.100.182
213.155.156.183
213.19.147.45
217.65.2.150
23.35.236.201
2600:9000:203c:2000:3:a4cd:8380:93a1
2600:9000:20eb:2a00:6:44e3:f8c0:93a1
2600:9000:2142:ce00:f:4f64:8940:93a1
2600:9000:21f3:2a00:9:46dc:4700:93a1
2600:9000:21f3:2e00:9:46dc:4700:93a1
2606:4700:10::ac43:db6
2606:4700:3030::ac43:c0ad
2606:4700:3031::ac43:81b0
2606:4700:3031::ac43:c203
2606:4700:3035::6815:c5a
2606:4700::6810:5614
2606:4700::6810:7baf
2606:4700::6811:3663
2606:4700::6812:19ad
2606:4700::6812:d841
2607:ae80:128:1::49
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9a
2a02:2638::1c
2a02:2638::3
2a02:6b8::90
2a02:6ea0:c700::11
2a02:6ea0:c700::18
2a02:6ea0:c700::19
2a02:fa8:8806:20::2040
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a03:90c0:41:2801::62
2a04:4e42:400::282
2a05:d018:24:b002:d133:9dc2:a783:2cd2
2a05:d018:d29:3601:1fd9:6969:7081:2e2b
2a06:98c1:3121::3
3.120.214.218
3.124.13.195
3.210.61.234
3.33.220.150
31.28.167.114
34.102.253.54
34.111.129.221
34.111.131.239
34.193.201.64
34.96.71.22
34.98.67.61
35.157.204.17
35.175.58.50
35.186.193.173
35.186.253.211
35.201.96.126
35.204.74.118
35.210.53.219
35.214.223.115
35.227.248.159
37.157.2.248
37.157.4.28
37.157.6.233
37.252.171.21
37.252.171.52
44.239.16.115
46.105.202.39
51.68.155.202
51.75.86.98
52.18.219.253
52.19.187.82
52.212.89.6
52.239.139.164
52.31.244.189
52.46.143.56
52.54.29.118
52.58.14.43
52.73.105.161
52.94.223.167
54.170.181.43
54.217.130.182
54.38.197.123
62.149.1.122
67.202.105.32
69.166.1.10
69.173.144.139
69.192.160.219
76.223.111.18
77.243.60.138
8.2.108.175
8.2.110.206
8.2.111.13
82.145.213.8
83.222.114.188
85.114.159.118
88.221.168.207
98.98.134.243
99.86.3.236
0014fdb5c5fb77c0da95253ce640bd62bfd0d8fffe1c5a57432372f783f91739
00319564ca166d01b77f3be22cef21a96c3bc39187ec3931d39ac51dc826c001
0054825a53f1f808922c57dacc72134eacdbdeeddd4359edeb816b06c50f4ccf
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7
034bb379652a45602be744c45a00f31e7cd5b3edbe937821ffd445d666ea631e
056fd1d4b77d12316fc14a6ad64a78a3db47e719680fc01930aa89ad5bd385b4
058c87f17dd9683d9508757d18026665dbd2a4887ab6b63a217a5fb18fc7297c
06a7dd5298693f7b79994d18c6261580c41065317e08555844f3dab606275eb5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
072e9850774236e199dadc50f2e72ca2e89d1edc9b955cbafcdf6bdf6959afcd
086b1b1c8aabf9d102160f6f23d6f00d6313994cc942fb924226b30f8471198c
0957311c8318f0d2498805c7bccc65cd0c86c643e12ed83031452e5f91152e4a
0a0d95254b1b62be82df2c80fb4c1bfd84d029afc773ebbef9ca6666818d3a66
0a1c93c416231a0dfe5f899a927de42391be0ab3d8d564f9307fc94c5a7f8445
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
119a4c9e48102442e423807a8b795c8730e0d633536461a917af841ecc15faf8
1333644dfea36fd07de552c72d6e7f4a2c37f8bffb0f810f1d88bb58b137996d
133b6909bca752eb87a233c424ac6af01417d79c56344576aae633cdfa8a1c54
13c71e98b10b2937e5505301cd665d7357e91bcc5c92e1401a895f61f322e571
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628
1449338e293b530a4f6e0b8000041e8065aaa7cbe77c5517fd51a77bbcc4101f
1451be84b00255629f44ffd4b5c2718776a3ed76dc46beba5dfe53b0754cf753
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
14eec7295e73242aff774c5b71962ecf640f4bcda0ce68df52a283c8e970613f
17935569c1c4b0330e9b1cc9be4a160621f21541d3d746194f88d9d977a04434
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f182e12153e765b074bacf17b8731688c9445fb55bdd99401cd2e9d3a7b8db
19f16f61a773e0bfd8360452873aa2233b8dda3e2bc6cbe60fa196ced7a1d339
1a33acf80f123698f1461ecdf8ea4b11fa93d2c717dc29a55d1b67fa01071ffd
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
2056aa5306ae09355d91e6ea1e28c661da1a7694b1fa3797aca5f9af059dc7ec
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
20c9901542e5995d35db995bc7c8e55e0712e91c8adc01f49c53806d7c9504b6
2416aaef36a5b09c0c89f4d37095b32d71acc872427539ac21393fe667aa2801
253520fdbceabc59878aeaea63329df314883d79606c8ba785698105775c448d
25d9e0c7de1c684f35b03b97dfa57dc264686615405257dafddd6d216adfcc5a
2620f32e95ff30963e5af9a9c3c8c07f62a4bbd76e59eaab7d735a693e96eb33
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268c3785caf56f9aaf8e8365ebce2941bbb1bfa597a28bf89c16b4c1f095f438
273ae9ec1f3ea9fc943970fa7a6ad22d2403eb75f102317351236c4b62a521d3
2808a53372b058aa0548df5c51facdfec5edb31f59c5f7f99de047599818a740
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2811ec5abe9ffb299c614ede71c2b57da8fcbdd5822249286ebf93e90f91ab5d
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28ac29e8f6e07dc30e6534e9f560c0460792299cee69ff7d2414936f4f837c47
2a0eaf29238741dda58dd975d9385d9b2f530df3cf8e0a78fe089a0d6aea5218
2a3f665fd38311a12d279f5099b71b69b3da7e6f32bb2fdf3e571f806bac5c77
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac68e63b7ecbb47b11b9628af11214906d83ca569cb7addbcf17cd7def11808
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2b1729fc9c96b7317f0b74e7bcfbb775461c7e187128d991df60245f83250422
2ba16308b9257b263c09cea8c98930db11c0a0e4ed9eddd6a0967c8a0e74b433
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
2c6b82d79ce5ea42664dd6536b0e1736918d39c1eb5787036eab80e957cfd47a
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3239aff1459e1ec3d35e67598c38142d3ca0dc0d77570da00ee9d9c8a8c5b4a9
33f91578473245302a6404b79b612e354ddbe2bf9b7ac7c7543c2d3a33aef00b
3416f0b3c596d165e72106ace8bee89ba24b138552c113f8004a58b77a13d9c6
343cce4970a2346df48dd4555da22c8e0756244d04d5d5d5da0cf52c93439024
35a7dac037fe8e2beadabc54cea5efa7fc666cefcfc38a4c39b9d967c66f811e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
373a7a391ebb5e83270af187fca04fbe04f214612258c2cea3c426945964bd04
37752caee00abaef41c9735eda4971c65b1923d37c6aa916fc222ca20bca028e
37b697397c56a08f29c653e2e3db507bb88fe5866fa5cbcc65968fef098e4cd1
39d0ccfb1930b45a4ce93afa927532438d6aa370c3429d603f58363e595976cd
3a89b74b18f0cf58377f6a6e3a478d7e8b847ebe9b6a190611121a901f649bd6
3af74546145c32a5d0ee118eab2e754610a8a3697b0eec32f386d24f25545ccb
3e3303b53c44389d11252882de16d59bc65f78b2aa95ba7321766fb585829855
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4112760bd40a3e1e9870034e7b736d161dbc299c39e94674a45aba76fe91c3c2
41854f41fe85020edc0377130d956283c0c533e9996e3a7e3aa7e909f93dc954
41fc6ccc8b0e7b5bf566840b83ff170162aa6bf4d8a8b7350889ef5cf8e92c3d
4356f4b69fae0e7e1674a98f1e0e0be219f00ee64c82019b4ec220ba4942f45e
443b49ef5776a0321e1541a0fc0ac6269604b2d4bbb101ab1c4e2be74748141a
45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416
45bcb96d58ebbf58bf1fca9c58b3326289680d6e13f67a102f2bf156c73525bb
45c6cab14c40f1cf7d05444d73a6ca20440de692dde61be8425e632b1036a52f
46196187d2b447b8e346959ff3465993db2b0918a7541a8ee8bac69a26eda5b0
47f2db4c76ec313bef91bbe4d279974190d78801ddc88831e102c3c9d5382f69
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4973aec3023885bfe75e82f46abea70f6de102ae97ba4d247a6093d4622cbbea
49bb63a34137f5faebf2c307e25c4d723fcc1792090d8aad2bd904238c1c99aa
4b04e2b4936cb6c67772d17bf309b3d707072cc4b78849c2620eb114f52f22a9
4b2c437647bfe581cf2d101a3c7625f9a6c9260116a31c0c51d451435d7ed1b7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb2b696559c50c649d30f5a4c1a3cc78b15cac2fd6d50f362626187094a1acb
4d2605e447e9d35d51ec72f840c4a3d22a9ddb7efd33aa184fce5519a36fb53a
4d27acc0f4d2aa1fdcc6264782051bc30bf4d2f64e92bac73aa0d759d38d3c78
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e20a8ee64ff29fdff34f921f70f6ecb18eeb684f38a9ca412855b79de1d3cb1
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4fda3c2a26891701963aebeffd5d742a2d5de3b0a2a3f9e9f3053efabd3cf2d1
509328beac43e8f4a208d9810b25095e108d14321e134e99bd9aa49fa6404d1d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a21de8e50cb5fec4d27925459bcefa46d0dfd9be177eaaa765fa1ec9c9c649
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5642e7c763fecdd8d82b39285f1c56f387b5a2f9db8e4621351589b48aa97e97
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58272341feec055ab30f3cb03d1d29d46ca5927ff64fd0c3b3ea5360db92ca2b
5a001026a742c5e6f68c2a6a9ccf596bf388714ad22db31bb78bd7c55d68d540
5a4934fe889bc2f975cd69f0c35adc72107079ef0d36a139fa141b5219e0e6b0
5a8906e11af051c14e06bf37bc863b3ba5bcddacfdbdebc5df776d631742089a
5a9b6ff9cea348fd79a340e6fe10de95b0b50f4e4aff152a18fabe90e93ea352
5b6b5a7a695b2e187d7b2c5b35b12c30ef83a076c8bf57307ea71ea4885f2592
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c40aa16257c7546eea3dcec912e746283e67917083b137cdd8f8782b1388521
5d40c64fef8ed2234d505471d6d072b2c251fbb43ca6c2f83290033de9f2a5cf
5e01eefbdf14208d4d0bd333bf07b911c4edc370b9456d1dfafeee47063ff10d
5e0e28ae6fd5ff00d93343c0aff72f35205a377d59d38507a45b21d4ac5f105f
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5e861b395a91bd9d6ae2d29e2167217579498c8652ea96e684fe5437b6dcdd03
60d7148dc41d39754a28df8e9f0189037c531a19ecc84dfeb2cbc2f58d714c61
60f1b66c39653e5ed61d1b2d076adca1307f2352d673345a180b4640abec3c3e
61a8d045249590c8d0bbd875b71dd1ca99ca480b1958c758e838bb10e57d0704
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62e7600cf62ddaa872464665f98e17f996fa842d0407bc5ff755d9cd4e2832ee
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6463627134cc4c1d4a2a6074dbc030929369ce6c318ada0e3f246f3b6f806828
64746889a72676c0988149b85d76f5c93395a84a71fb8f36a30129ccfb47d4ee
66078495f7cb24e6c59bc1a4e8e1ba63800dd8b7669a1b9201de1194d201aa9b
672ad3899570fcee857a310ca1c38d4d5ff2647dd305377255951fdad3721286
67d61b6fad5ff7f2f24ed88b0d93f34e726e4243598a359c0a79a7249c18de4e
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a2b11082b9e571d43ba632ed4ac448f46aa16df76c5c17c56510b25beaf653e
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a
6a82b1f0802de3765dcc7cd7cfbdbb408adf46cfa0907e5335e1892ad5846656
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c1f513937d70e994867129a0c9ad33b6110b85e72472938655ccf7c980f7fa4
6c92ba7f703e5ed41a68b43098d5a8d3040f65f6020e5cb6358a15512ce184e2
6c9fe71e05e63690230d5fc96364a60e2ca70c51d1c957dfc44a9bb66c877f23
6d0e3b224070371ae3378d95d725a01f8667d8d9207b396f2417ca85e0149881
6d39f8601d1af317629ba77353db03eb0ba85ace77d7c1e83b860ed58b693e21
6ebe9b09d8aa6ba756372a6b4e07a3585ada4349b3e94b47a7a294f7ea25c15e
6f07829bef22970e4804764f38f845b1a2068640f6b28e07e606f4a3c67986f0
6fc8031c5fec6a062cf0a19a11bb9f4d1b35b7dc0e5cde817a809f4dd99d6e4f
6fe12f443d57fba3f686959e72e430698b8a78465c198284f3e44900361cbc28
7059f0fd833e5252de2900f68b57dbebac6dbc8b0b12ed96c0742d6d7280f755
72720755f75baede2cb757a8111daff30a7c322428eed7a24b37d84fbec67993
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73b5bd35c8eff72e7b37401c8a57fe5a3a1a98028a3c318a9f16446167474b9e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
759a7832652307a3887378304f8ef16b8a9390e48172cbcfba5b2e7a23923778
7709c3853e517c95706c7eab94e98e78407cfa90501c0d7b264e155a5f43d1e4
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
782533b40447e6fd5605e3b3110dd6963ff20968dec5d26392234923cbf990cc
7844cfb29c5da5aaf907a24611ae207eeee959eadeb087ce5d01713a4267cd2a
7885b62d27f957718035a5deb48fb2a7448eb5ce4e1a4eed51f6ce8ef09edb90
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7c07250452cb9087d382084ab3cf47ef0761c9765ed95382f096103382c43332
7caafcd4f20d38f449e069be27e1b0ac73e0d306eecd6647e74a1ec689c9044d
7d7962210b6e797e08c011395cf88eeff6c058253b4242b8c5256869f778597e
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4
7e07140e4eb562b6f19aecb33cab48b3f7cb5ea1bd0ead0fc3e0ce5edf3edd7d
7ee63047267db98895abbc28e0a956b375c4b752f83ff94651cd5d3b139d9c3a
7f1c076dbd3912a5807a7dc95af0c12f34c92f90af7256fdfa482a8e9478d889
808fa77fe08764c55b937228eff68dc67e3a796818831d7be932ff2a63a5baf8
8208d620893b885a91778378cf304bd40c73decf639ee1ec487e91804907ecbf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f71ff5721d63a70f33ffc743fa795b2b15573645198c98bd4f3a320e6394b0
843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c
847c277866c86ff4c59b99c54c9f9fcff08af42d1f055bdfa71fd005d0856d83
84b92908af048658067ce5b3a32e6b075c8665c865beab04c5e01198c3fa72ed
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86965e891211cbdbf9481ef6d2412eae314b2f6573fb34bae94f982711ada043
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
882b9134faf7e6f109299fe257c0db3058b402eda176df474db1377d1157e987
898457a53e75ec77c298e7dc3b8386046a056d223255f0bfb0c979d63dcc059f
8a8df5e0f3808a11dd1c91bb2c05ac262c8779785f8e2d7ab03191306ecc73d0
8d24911150a4799bd44093e6b1f657b908faa4e83ecc3bb8b1a05c7086dc6a6a
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2d93d95a887c7049a48767ba91fb4d54802b9eb632fed06116967e5fa116fa
8e8903ce6ab9ecc7b5d141870ed5b2b16d9991da806948e6205811dc40301d5c
8f5d422fd4383d90bde3351c85b1612b0aba7558f645408eadfd783aaef708c5
90713f8d1e0938d68cc07ae054e07fd92e4abacdf3c6e794641922820bd26147
914516dd439448f528815bde4c68220ad2b99764c4c36fa7c26f5753956dc544
932e65624abfc7a96e87351da6d69bf850b893d28e9159aec8002baad02b56bb
951c3b22ff10307ef143d4c47b0939bc203173fdfe0b3bd5f2be34f2551cf0f2
958e0ef6252b25a08c297d0d044147ba78d5b7fe2dee20dc64138a410bcc24fb
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
95c2f1e9c92a3b36266af77682b8b7ac7ec9148c509582a8bc0c8a9a5d84bf50
95cbd90a386319a0337aff2fbdb889e790051c38adca419c3d7d05ec28e90263
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99af34f0bd0acef52afb5e513a184f03bfcebaa8134ac8367e2a5027d1cb2773
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a01cf7070ca19a8f1c9c0539792449682d92dd5e57cf56609bf706364355f23
9be824253d1179f3d5448a3d75ee9699060e7bea3b6991c1c8edb87370b0fc11
9c534854874ac7f16a007c3e30fef837c474e50f757ade9d1c49977b981b78b2
9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041
9e02fcd53d8e962713d58cee2026d550350924ffabe7ef36e91aa06711a6f807
a02fdcd2250a4da291e9f6eccefd36b64864ae8d27969225baa44199d8a520e8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c6f6ebb96dd622346b5cdafd1293b1fbb7ab16cf832683fce4ea5ba42d74f6
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a24eaa87d394e82bf4c46c8fce9d490c95367a1c7366562b1c153dd5593e2531
a273072d4326cf4fff7510301462667c0c97a389b2428ca9f96a88316bec31f3
a2b76159580f48547621ce2c79c1f8e2ed7e4068cfa53e6b70ae5a1ddad7ee2a
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a54bf38cbd1e24686b4d06e6eef66bdabe95db066455b22dfcf30a94d52fb9d0
a6f337782490f9112432f404d62ba219f92427c8e29e062c951141d75a9056cc
a72bede3e458cf0f0a418b051e1b6e8ebc245c75a7ac2561392ff05604db2ae7
a886a7694df82fa71f74dd061661ba62fe1865e8e34dfec7ea5ec48b1c0c5d63
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab3c68676b9be4e1e238ffe271e7e853518ff03e153f1d7c33b818381d7ac2fa
ad202eefd1cb3f93193dd6af1cc6c2b88de5e9da86d2c10aad2540d996998ea6
ad5fd976b8964c2f9e7c54e9347b7c96de689d1cbce605aece3ef7fa0e987612
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ab87dead82405e7357f7c03ced2b4d5d3cb991e3fc59587c22486519ad1483
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3f27b38b91442bd4021a63fb1ef8ed0fae5f1c13bc00f45ce97a43689ccf061
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5a2c266ffd1ef3d450d520e269f2d9e4314bdc9d517f2463e2605a530399747
b7309563f69317eacf45270be692b935c811d4262d49c7f8d5d7877ff56a84ce
b752cb4976e7ec23d80599b209396750d2abfabe766bdbae74edc2a1461a1d48
b7e1fedfafd106b7731be4d608f01d45b9b725afd6d5231cdb4183fcf17a7fc5
b94aa5f47663caed03a5caa2f1fb9d3654e65a2c679e8dcb00733515507ace05
ba13bc8504c827c0d0e1ae7befe2610bbeb05ec46ec41e673b18fab5e3481255
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bcd7e9903818f14e91f11ed06885a4966cfa93b1d4e3185b5a782ffca335ee72
bdf57dc6d88662cc2092ed4c6aa822d738c1a04d7a43963d7444d37d7fc08ed3
bdfb0d12ba966be7f43ac632460c02f1c4edb3705682f3fffa03397ef7b9f32c
be4ccf6f0f6b7abd06c20fafd905b6f0a4b0bc521a9189ec1fe19eb38dcd9582
be732037583d3de6f5cdf2e1d5511532fba2b1992dcfcb63af691e003c4f3730
c04edc6f61d5124b8ed2c1858b3c43f456d317fa247c6727b30e91a788a2b8ba
c14dcf5604890552f58368810e1b3a0a33f9e4a168d245d0131ff1edc4248cc5
c1dcafbe9407c301261985c3dfb80d73966d57e2bb5d67de978222cb8765e17d
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21a826975534a2bdfdac25fff6219fe31a38a8cd2120a87b19d775047196892
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c261e30a476d56f895b5a24412062f8d8a69ecf4b296d2428f4621901c4d42cf
c29a376df7b0a419b1643eb83d428185f408de5f99238a09d9cf75a807533f2d
c2b4bddd4ea8931a57581de87a1a5a66c121e52c42040e234f505b4c53e82888
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c391ddc95cb172b8d8951cad22e2dbd257bb184ebe755f73f1070e650171779c
c4f509c666f64e0f510df4c52cf80861f27f6587ed47d2b9d2424f8f4f2e70d3
c50a0366bab0d95bd0dfbbf67ed889b5fd383ee7464a77660088c32e4ef91c20
c5ae442d03bb5eb4b6ff489d294efce9b49c309d6779c1b9573bbc57c262ac6c
c7072f55713cf3691a2fe2016690f86efcbc53ef7632267b02465e90bdaff5b6
c76ef403b313b1fa426b2dbd430e83a63a261ab340188c7d427295fbca03ccd5
c82fab08e93db8934a27f5b26ddf48c8a013a92a21ea15b7fa8b675b0d866040
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
c9620b40f89d1e064d435bb41cfae0a4477595fff9bb4cea8ba7217a12c47784
ca337629f702d5d98c73968d0003d69eb7297d559df865fc892f4af68e3fb9c8
ca38ab561201a1a68867f61d4fb3df9682756c8927fe80f047624e7ef662f0f3
ca40af5b7af04cf167937b617182b5d05d3573a6decb868581a9f76979bd2b9e
cba6172988c4f2a636c28d2c46741ebbb03873f482eb038b51ee0c4840c9d13f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc3fcd2e52012d8f58f0db58f372c75d38353ee64a0eb6b722239884f689246
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c2fd316d98b565311b9610e8b7855897e15c37718a91a4c997419476f2719b
d21d22ee93d22ac238c8733e8d5880b0bedd3a3436a1113d8efccfbe6b03db47
d247402b05cddfe0b07d3da95a89c7a4793eb3fe0df3254ce1d854425143a11b
d2599472057f7948c9bca5271dab5e14b12df9f56e5c82f2d9bae355200f3da0
d2d4ee6c2bf439e55183debcc0bbb40e601f3ea8506c337586f60a4c1a31ed4d
d38088d4f98790a4d872f663aa8766efc59e31936fec180e3a66c316fec43a55
d3cb7a3c9d4207f1a9a9933df877aaa25960e8d7bc91067210e6f40649e11e70
d6e84a9f2656532891bbcba944f5125618cfa95a33fdeae7828e97cf21d4135c
d7f35e0f30835a31a886851631773a1ff31624261932d266ef413165f4bd30e7
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d932503147c8bbb97b24664f800cab971a1e40448bdd0375f0f3ffd951073e61
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dabfd43331f3d07d696de9630d3635df9b4ec7c2353ac3a5ed43a65605990787
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dff2c1ab9d71eb52fb90d29a5d3df7171900d6fb33373ba74c71ca7fa8d9de35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e458fc06a6d53815902b8a54e694987d11caac86f6561e8877b404c131dac1a5
e469a70c9bc4b220109d1bd323e36e290327bf8e78a2d5b744826300e73dc5e6
e4f189ce94a53b6316c93df795e04c79f2d0aaf5ae29cacf8dfcc6a3ae705f4f
e5c6b74aab138b30b1e7e29cc1377c646142dd133db41771266f8c6466e380f3
e61f4874d89af964ff2e37083b60a8da2cb1b003def82041ef0f5c8566a8385b
e62ffb7d9dee508bbfee0d0b1f0cd47af712100c192107648bdccbdd4e146515
e76f322fd620908a0b5abfa5e61201a56f815203706911327b7aa71d02c95e1f
e7fd5a6f773ff501870442385b9659b0b21f4b2ed4003b9ed9f05bb4597cecb3
e96039ac7e15c811f8d6469d9420bd062a7a1574adbf798f4179bdf9dab83fa3
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
ea1fac26326bd720db4b866d74095b000e687c265752826f86c6bf92c3298ff8
ec02b7662af7adc66171a6fc065fc531ffd6b2ffe4cddf498941c14788f34e6a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec324a7995811a36af747005832557f65999816996e7c73c1ef31054a916a7d9
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee6cd1e0bcd667e49b66328e644330d83b53339dca84edecbb914bfd9e4964ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1
f1f860f91d82b7d6a8a76685b085a8a91bc6ee5d79f17ff35eb44d94b04f2683
f2138d781cdedd47cb2160db83a0a80dc1e94e0ca7569a29b97f21e7def5eaec
f313d74e6900ebed442c0aee18f603dfa5a52dcccd786e6f34ed748990659391
f443b82705b6746e2ce556eaf314ef3335b4aab13f82bfd2b84960c474d12418
f5d7077a30dfc7c91cff8cdb8af3b8db14ac790cf886d6127c2b4f63648cfa3f
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f731690b85fbc4d4cba112dbc1d6ad001e5d754ebbcc1344bed7acfcb880ec53
f9e146cf548483ff23de03f7df499088925b151a115865bf5eaeb976e4e44d4a
fb0650c7bc5e9c20dd9bad9ca7ee46581cf3f48519ed35d31cb27266beb7b976
fd0b4af96a3f7b7fe7a62c83430ea2d8b80bec7276f0d574d2c1f2dcbc3090dc
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe359c7b023096aa10969ca13ef360752254d442d55a089369425629d9283492
fe7156d8e7be5cbb3506804b16a96f73591ced0d621a6b5f34ca88119d191b8c
ff7803b6ccecf2f80204a2c75bf7b43bd18b8f5a2d828732b7422898583dd54c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995