Submitted URL: https://cdn.midas-network.com/api/lclick/content/?id=435897&pwid=4298&mclid=9571F46AD68ac4ed4865ae6bb05d523b&dev=3
Effective URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_s...
Submission: On December 18 via manual from HR — Scanned from DE

Summary

This website contacted 42 IPs in 4 countries across 29 domains to perform 144 HTTP transactions. The main IP is 172.67.25.100, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.telegram.hr.
TLS certificate: Issued by WE1 on December 1st 2024. Valid for: 3 months.
This is the only time www.telegram.hr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
36 172.67.25.100 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.68 15169 (GOOGLE)
2 104.18.176.126 13335 (CLOUDFLAR...)
2 2a02:26f0:710... 20940 (AKAMAI-AS...)
6 104.17.111.223 13335 (CLOUDFLAR...)
4 157.240.195.15 32934 (FACEBOOK)
1 157.240.195.174 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 142.250.185.67 15169 (GOOGLE)
1 4 141.95.172.70 16276 (OVH OVH SAS)
5 172.67.159.162 13335 (CLOUDFLAR...)
3 216.58.212.162 15169 (GOOGLE)
3 142.250.185.98 15169 (GOOGLE)
2 23.56.202.187 16625 (AKAMAI-AS)
3 108.138.3.93 16509 (AMAZON-02)
1 18.244.18.114 16509 (AMAZON-02)
5 18.66.102.66 16509 (AMAZON-02)
5 91.134.35.216 16276 (OVH OVH SAS)
5 104.16.144.111 13335 (CLOUDFLAR...)
1 104.16.143.111 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
1 18.66.112.32 16509 (AMAZON-02)
1 143.204.98.94 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a02:26f0:710... 20940 (AKAMAI-AS...)
2 2a00:1450:400... 15169 (GOOGLE)
3 18.66.147.17 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 167.235.124.60 24940 (HETZNER-A...)
1 146.59.30.96 16276 (OVH OVH SAS)
3 142.250.74.206 15169 (GOOGLE)
2 157.240.195.35 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 172.175.38.6 8075 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 18.245.31.92 16509 (AMAZON-02)
144 42
Apex Domain
Subdomains
Transfer
36 telegram.hr
www.telegram.hr
talk.telegram.hr
images.telegram.hr
campaign.telegram.hr
beam.telegram.hr
tracker.telegram.hr
12 MB
22 gstatic.com
www.gstatic.com
fonts.gstatic.com
662 KB
8 dotmetrics.net
script.dotmetrics.net — Cisco Umbrella Rank: 112550
adex.dotmetrics.net — Cisco Umbrella Rank: 175259
72 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 3
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
133 KB
6 piano.io
api-esp.piano.io — Cisco Umbrella Rank: 12951
c2.piano.io — Cisco Umbrella Rank: 6909
31 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5669
onesignal.com — Cisco Umbrella Rank: 1761
img.onesignal.com — Cisco Umbrella Rank: 10383
85 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
k.clarity.ms — Cisco Umbrella Rank: 8151
30 KB
5 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7097
4 KB
5 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9039
flowcards.mrf.io — Cisco Umbrella Rank: 17352
69 KB
5 gemius.pl
gahr.hit.gemius.pl — Cisco Umbrella Rank: 597213
ls.hit.gemius.pl — Cisco Umbrella Rank: 28536
22 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687
89 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
152 KB
4 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 6353
id.cxense.com — Cisco Umbrella Rank: 13212
45 KB
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 6872
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 10484
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 9264
20 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
209 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
249 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
12 KB
2 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3385
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1060
164 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
230 KB
2 tinypass.com
cdn.tinypass.com — Cisco Umbrella Rank: 7749
buy.tinypass.com — Cisco Umbrella Rank: 7928
123 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
9 KB
2 midas-network.com
cdn.midas-network.com — Cisco Umbrella Rank: 245831
668 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
4 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
1 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 975
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
30 KB
1 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1931
5 KB
144 29
Domain Requested by
29 www.telegram.hr www.telegram.hr
21 fonts.gstatic.com fonts.googleapis.com
www.telegram.hr
5 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
5 api-esp.piano.io cdn.tinypass.com
code.jquery.com
5 events.newsroom.bi sdk.mrf.io
5 script.dotmetrics.net www.telegram.hr
script.dotmetrics.net
4 gahr.hit.gemius.pl 1 redirects www.telegram.hr
gahr.hit.gemius.pl
4 connect.facebook.net www.telegram.hr
connect.facebook.net
www.googletagmanager.com
3 k.clarity.ms www.clarity.ms
3 adex.dotmetrics.net script.dotmetrics.net
adex.dotmetrics.net
3 onesignal.com cdn.onesignal.com
3 c.amazon-adsystem.com www.telegram.hr
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net www.telegram.hr
securepubads.g.doubleclick.net
3 pagead2.googlesyndication.com www.telegram.hr
pagead2.googlesyndication.com
3 sdk.mrf.io www.telegram.hr
sdk.mrf.io
3 cdn.cxense.com www.telegram.hr
cdn.cxense.com
2 tracker.telegram.hr beam.telegram.hr
2 www.facebook.com www.telegram.hr
2 www.clarity.ms www.telegram.hr
www.clarity.ms
2 www.youtube.com sdk.mrf.io
www.youtube.com
2 flowcards.mrf.io sdk.mrf.io
2 campaign.telegram.hr www.telegram.hr
campaign.telegram.hr
2 www.googletagmanager.com www.telegram.hr
www.googletagmanager.com
2 cdn.onesignal.com www.telegram.hr
cdn.onesignal.com
2 www.google.com www.telegram.hr
www.gstatic.com
2 fonts.googleapis.com www.telegram.hr
2 cdn.midas-network.com 1 redirects www.telegram.hr
1 buy.tinypass.com cdn.tinypass.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 region1.google-analytics.com www.googletagmanager.com
1 img.onesignal.com www.telegram.hr
1 lh3.googleusercontent.com www.telegram.hr
1 ls.hit.gemius.pl gahr.hit.gemius.pl
1 id.cxense.com cdn.cxense.com
1 cdn.jsdelivr.net micro.rubiconproject.com
1 secure-assets.rubiconproject.com micro.rubiconproject.com
1 ad-delivery.net micro.rubiconproject.com
1 code.jquery.com api-esp.piano.io
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 c2.piano.io cdn.tinypass.com
1 beam.telegram.hr www.telegram.hr
1 get.s-onetag.com www.telegram.hr
1 micro.rubiconproject.com www.telegram.hr
1 www.gstatic.com www.google.com
1 images.telegram.hr www.telegram.hr
1 www.instagram.com www.telegram.hr
1 talk.telegram.hr www.telegram.hr
1 cdn.tinypass.com www.telegram.hr
144 49
Subject Issuer Validity Valid
telegram.hr
WE1
2024-12-01 -
2025-03-01
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
tinypass.com
WE1
2024-11-08 -
2025-02-06
3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-14 -
2025-02-14
a year crt.sh
*.onesignal.com
WE1
2024-10-31 -
2025-01-29
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-26 -
2024-12-25
3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA
2024-10-17 -
2024-12-25
2 months crt.sh
midas-network.com
WE1
2024-12-03 -
2025-03-03
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2024-09-12 -
2025-09-25
a year crt.sh
sdk.mrf.io
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03
2024-11-19 -
2025-12-18
a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M02
2024-10-03 -
2025-11-01
a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M03
2024-07-23 -
2025-08-20
a year crt.sh
ssl03.cert.cl13.k8s.mrf.io
E5
2024-11-25 -
2025-02-23
3 months crt.sh
piano.io
WE1
2024-11-25 -
2025-02-23
3 months crt.sh
flowcards.mrf.io
WE1
2024-12-08 -
2025-03-08
3 months crt.sh
onesignal.com
WE1
2024-10-31 -
2025-01-29
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
ad-delivery.net
WE1
2024-11-10 -
2025-02-08
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.googleusercontent.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Frame ID: BC7BCAD03D4BEC3FA8C73516DF4A2987
Requests: 138 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4Y0caAAAAAI_E2k1sgXvWuXR8cViLC-iJIpEq&co=aHR0cHM6Ly93d3cudGVsZWdyYW0uaHI6NDQz&hl=de&v=nhamhfA6n_hKMa_Y7UpFyA37&size=invisible&cb=u0c3nzkqi46
Frame ID: 2C561B23DE8F7769A844F69C8927B4DE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 6CD5E3E0195C7B55C97BC66762091700
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 1200B3779C60CCC8ECE23E909BD82BAD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Riješi kviz, doznaj najpopularnije destinacije za putovanja i kako do njih u 2025. | Telegram.hr

Page URL History Show full URLs

  1. https://cdn.midas-network.com/api/lclick/content/?id=435897&pwid=4298&mclid=9571F46AD68ac4ed4865ae6bb05d52... HTTP 302
    https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

144
Requests

99 %
HTTPS

34 %
IPv6

29
Domains

49
Subdomains

42
IPs

4
Countries

15186 kB
Transfer

21897 kB
Size

45
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cdn.midas-network.com/api/lclick/content/?id=435897&pwid=4298&mclid=9571F46AD68ac4ed4865ae6bb05d523b&dev=3 HTTP 302
    https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114
  • https://gahr.hit.gemius.pl/_1734512218941/rexdot.js?l=100&sendf=24&id=nSblbvtw7YnzUiC8AtarvJdS3yggumM2F_xjEZ.9W1..57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=j5UqRxdt71vYG535zOOEQwKRoL0.ism_V3W0bbHU1QL.X7h.Zy7OeBvVb7xYnjwJVx6Vzl5I7EZ2bzViTClfaGHvs_qD/v95mQH0ccsSWM/&fpdata=N_V74fPpdNInbovY8XZOhKhE_RRCsxLEZLp_zoQ1Lkn.47%7C1734512218%7C2%7C%7C%7C8%2C3%2C32&ltime=107&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67628e5a31b2edf5&brts=1734512218&fpcap= HTTP 301
  • https://gahr.hit.gemius.pl/__/_1734512218941/rexdot.js?l=100&sendf=24&id=nSblbvtw7YnzUiC8AtarvJdS3yggumM2F_xjEZ.9W1..57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=j5UqRxdt71vYG535zOOEQwKRoL0.ism_V3W0bbHU1QL.X7h.Zy7OeBvVb7xYnjwJVx6Vzl5I7EZ2bzViTClfaGHvs_qD/v95mQH0ccsSWM/&fpdata=N_V74fPpdNInbovY8XZOhKhE_RRCsxLEZLp_zoQ1Lkn.47%7C1734512218%7C2%7C%7C%7C8%2C3%2C32&ltime=107&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67628e5a31b2edf5&brts=1734512218&fpcap=

144 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/
Redirect Chain
  • https://cdn.midas-network.com/api/lclick/content/?id=435897&pwid=4298&mclid=9571F46AD68ac4ed4865ae6bb05d523b&dev=3
  • https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=...
508 KB
98 KB
Document
General
Full URL
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
341dc52152f80b9259fecbda694c37815128edff3986f892dd94c8d45ff792bb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8f3df14df8b8d2a4-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 18 Dec 2024 08:56:58 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
cloudflare
vary
Accept-Encoding
x-agent47
EXPIRED
x-clacks-overhead
GNU Terry Pratchett
x-robots-tag
noarchive

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8f3df14d58b1d2cf-FRA
content-length
0
date
Wed, 18 Dec 2024 08:56:57 GMT
location
https://www.telegram.hr:443/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
request-context
appId=cid-v1:4201d84a-a905-4278-b7e0-1bb29d57eb5b
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/
41 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6878c74063bb7ce15296301c6f14d20c0bb603de0a631534258010af3940b5c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 18 Dec 2024 08:52:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
style.min.css
www.telegram.hr/wp-includes/css/dist/block-library/
112 KB
15 KB
Stylesheet
General
Full URL
https://www.telegram.hr/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
content-encoding
br
cf-cache-status
HIT
etag
W/"674f8058-1c012"
age
2166
cf-ray
8f3df1535b44d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/css
last-modified
Tue, 03 Dec 2024 22:04:08 GMT
vary
Accept-Encoding
server
cloudflare
api.js
www.google.com/recaptcha/
1 KB
997 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Le4Y0caAAAAAI_E2k1sgXvWuXR8cViLC-iJIpEq
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
5f7bd99eef2a8fb453c346246d9e9d55ce46ba8e3ab8e30a8ad22fb88dfec2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 18 Dec 2024 08:56:58 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
tinypass.min.js
cdn.tinypass.com/api/
414 KB
122 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c7f80773f60197741223a1b53e7fc80f0f98e865fd616de07315866da4501
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e1e2f50587fb88010f0f5e0c06bac091"
x-amz-version-id
Tf_qFAK9donO7q5NSxBUYR6WmF1gHdK_
age
7512
expires
Wed, 18 Dec 2024 12:56:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript
last-modified
Tue, 17 Dec 2024 14:08:34 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
fez7mMY50HJRkcRN+uOXztCc90bZCLr6B7HDv5Fu1tmUY5wmu+9G3SuyGodqUmMQnZ84BeiQpqOVJDiOxmQMwEq/MewYjvG19V8GOJVh1u0=
strict-transport-security
max-age=86400; includeSubDomains
x-amz-replication-status
REPLICA
cache-control
public, max-age=14400
x-amz-request-id
9QD0H4W6FX1443TQ
cf-ray
8f3df153ff954d54-FRA
server
cloudflare
x-amz-server-side-encryption
AES256
cx.cce.js
cdn.cxense.com/
25 KB
7 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

Cache-Control
max-age=3600
Content-Encoding
gzip
Connection
keep-alive
Expires
Wed, 18 Dec 2024 09:56:58 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
6352
Date
Wed, 18 Dec 2024 08:56:58 GMT
Last-Modified
Mon, 08 Apr 2024 13:13:58 GMT
Content-Type
application/x-javascript
Server
AkamaiNetStorage
Vary
Accept-Encoding
embed.js
talk.telegram.hr/assets/js/
105 KB
30 KB
Script
General
Full URL
https://talk.telegram.hr/assets/js/embed.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27574aef2ff51e787bb3aa8d3ac023ba871e6fbbeedc9d09a69978472a24b5cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"781f-191c3f9dc4b"
age
1352
x-content-type-options
nosniff
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 05 Sep 2024 20:56:57 GMT
cache-control
public, max-age=14400, s-max-age=604800
referrer-policy
strict-origin-when-cross-origin
x-trace-id
fae05e90-ba6b-11ef-8840-67f8bfdaee1f
cf-ray
8f3df153ec47d2a4-FRA
accept-ranges
bytes
content-length
30751
x-xss-protection
1; mode=block
content-language
hr-HR
server
cloudflare
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"09282956186c8515ef0d208902803581"
age
2898
expires
Sat, 21 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
8f3df153fe818fd6-FRA
server
cloudflare
sdk.js
connect.facebook.net/hr_HR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/hr_HR/sdk.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.195.15 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mrs2.fbcdn.net
Software
/
Resource Hash
61c710fad6e2634b0e7a009a37ceb85fda78a1957b826f2c85ca40295cda790c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

content-md5
2oG2pB3jCIrcwT4SZxGeBQ==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"6724361fc4d82b424885f08e5cbba25c"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 09:04:28 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
e42bf03515638c781bd098d1f0d16c4a
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=4527, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug
6e2f9y/qOAX3QfXrNQlNEAFaaRwgLqnQQFz2lF5GD95X8JQQ3FTaBp5KipMLa+WSpvO+EiBvdLhOAii3Mo2nng==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1686
origin-agent-cluster
?1
33cd2c5d5d59.js
www.instagram.com/static/bundles/metro/EmbedSDK.js/
16 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/metro/EmbedSDK.js/33cd2c5d5d59.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.195.174 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
instagram-p42-shv-01-mrs2.fbcdn.net
Software
/
Resource Hash
90b73a92db101b10e83e1ec0c21ed79e11af82bffc175f1de147b36bcce5f5e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
public,max-age=31536000,immutable
content-encoding
br
etag
"33cd2c5d5d59"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
4954
edge-control
max-age=1209600, no-transform
date
Tue, 17 Dec 2024 20:05:54 GMT
content-type
text/javascript
vary
Accept-Encoding
x-perf-stats
0;0;0
priority
u=3,i
cd86e4f.modern.js
www.telegram.hr/_nuxt/
5 KB
3 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d146dcdf5bc7e271100b9493d2047d0a06cbfc11566f3a93f2240ae888ce19fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"139f-193d035962b"
age
147208
x-agent47
MISS
cf-ray
8f3df1535b46d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 16:03:13 GMT
vary
Accept-Encoding
server
cloudflare
2d950f1.modern.js
www.telegram.hr/_nuxt/
227 KB
79 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/2d950f1.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d81eb32a4c4315aacaaf386754b38eb6ca05f7cb27b2510fdde42565c08d25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"38c05-193cef4858b"
age
168247
x-agent47
MISS
cf-ray
8f3df1535b48d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 10:12:31 GMT
vary
Accept-Encoding
server
cloudflare
9ac7101.modern.js
www.telegram.hr/_nuxt/
523 KB
156 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/9ac7101.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7438c7bbbb7f4602ae9243bc9b24de30e515354707b2cfe625f003d9e4f3b8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"82bf6-193cef485cf"
age
168247
x-agent47
MISS
cf-ray
8f3df1535b49d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 10:12:31 GMT
vary
Accept-Encoding
server
cloudflare
c11ed64.modern.js
www.telegram.hr/_nuxt/
412 KB
84 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/c11ed64.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee567705518a7978bd447131dc7a1428358e28f29cea1ca87ef9e624780ed94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670cd-193d035959b"
age
147186
x-agent47
MISS
cf-ray
8f3df1535b4bd2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
c985ecc.modern.js
www.telegram.hr/_nuxt/
79 KB
18 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/c985ecc.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d45cf034c2b02f09acd98b7a6848b79bcfcf827933d08d19149dfd4e4f6f85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"13df2-193cff9b095"
age
151126
x-agent47
MISS
cf-ray
8f3df1535b4cd2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 14:57:47 GMT
vary
Accept-Encoding
server
cloudflare
f826810.modern.js
www.telegram.hr/_nuxt/
40 KB
7 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/f826810.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d84b4c36292437aad7650cddf4392129f2b7809ecd347da7a689c42bce73ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"a014-193cef48587"
age
168247
x-agent47
MISS
cf-ray
8f3df1535b4dd2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 10:12:31 GMT
vary
Accept-Encoding
server
cloudflare
e7c5c5b.modern.js
www.telegram.hr/_nuxt/
29 KB
7 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/e7c5c5b.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0defeed019bc817d623a7bcbcf2b879d01cf80bc17ef0164acd215fdfb152b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"73bd-193d0359587"
age
147185
x-agent47
MISS
cf-ray
8f3df1535b4fd2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
d533faa6-4827-4887-93ec-a7528afd9a45
cdn.midas-network.com/MidasPixel/IndexAsync/
0
242 B
Image
General
Full URL
https://cdn.midas-network.com/MidasPixel/IndexAsync/d533faa6-4827-4887-93ec-a7528afd9a45
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2925 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
private
x-aspnet-version
4.0.30319
access-control-expose-headers
Request-Context
cf-cache-status
DYNAMIC
request-context
appId=cid-v1:a2c4a87b-281c-449d-94a9-899669266ec7
cf-ray
8f3df1540f5d18e3-FRA
content-length
0
date
Wed, 18 Dec 2024 08:56:58 GMT
x-powered-by
ASP.NET
x-aspnetmvc-version
5.3
server
cloudflare
s1_logo_clean_noline.bc4f3ba.svg
www.telegram.hr/_nuxt/img/
1 KB
845 B
Image
General
Full URL
https://www.telegram.hr/_nuxt/img/s1_logo_clean_noline.bc4f3ba.svg
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2e82e2ef0b113f6f4ca9bc47aa44b15466e3d8e283b35ece8b72add15c6e75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
content-encoding
br
cf-cache-status
HIT
etag
W/"67604f40-5f1"
age
2716
cf-ray
8f3df1536b64d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
s1_logo_clean_noline_white.25fed83.svg
www.telegram.hr/_nuxt/img/
2 KB
889 B
Image
General
Full URL
https://www.telegram.hr/_nuxt/img/s1_logo_clean_noline_white.25fed83.svg
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c316d9a6bd8e0d4e27dde1074d7bac5b3b5fdee958b7d8ab3f401487b04c99a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
content-encoding
br
cf-cache-status
HIT
etag
W/"67604f40-603"
age
2472
cf-ray
8f3df1536b65d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
telesport_logo_black.cffad03.svg
www.telegram.hr/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://www.telegram.hr/_nuxt/img/telesport_logo_black.cffad03.svg
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6472fbe6ca927ad7536cc61f50dc389a28d529b4bfc456317cbac57d1e50c7de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
content-encoding
br
cf-cache-status
HIT
etag
W/"67604f40-880"
age
3110
cf-ray
8f3df1539bbed2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
telesport_logo_white.8bd5680.svg
www.telegram.hr/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://www.telegram.hr/_nuxt/img/telesport_logo_white.8bd5680.svg
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fbe54913482ba626fb88901d266750ebebfcb30dbf8fed92165af2527af3fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
content-encoding
br
cf-cache-status
HIT
etag
W/"67604f40-91b"
age
2011
cf-ray
8f3df1539bc0d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
pz_logo_normal.6ad1ac2.svg
www.telegram.hr/_nuxt/img/
3 KB
1 KB
Image
General
Full URL
https://www.telegram.hr/_nuxt/img/pz_logo_normal.6ad1ac2.svg
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a3132de89d7bcd7608f8c9d9ac704a315df9291bd3e20ffb97152696fbe61c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
content-encoding
br
cf-cache-status
HIT
etag
W/"67604f40-a70"
age
6711
cf-ray
8f3df153cc1ad2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
pz_logo_negative.8e4da74.svg
www.telegram.hr/_nuxt/img/
3 KB
1 KB
Image
General
Full URL
https://www.telegram.hr/_nuxt/img/pz_logo_negative.8e4da74.svg
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72289cb78aca9eb0e5a616d4f598ab0e153e2fa3d56570ed8eaab74114a7b247

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
content-encoding
br
cf-cache-status
HIT
etag
W/"67604f40-ae4"
age
6697
cf-ray
8f3df153dc2cd2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/svg+xml
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
aHR0cHM6Ly93d3cudGVsZWdyYW0uaHIvd3AtY29udGVudC91cGxvYWRzLzIwMjQvMTIvdGctbmFzbG92bmEta29sYXoxMC0xMi5qcGc.webp
images.telegram.hr/mKPFS4zdt-Z2_vEg7dRk1Oy10KEIVo7EgKZXmLPLam4/preset:single1/
115 KB
116 KB
Image
General
Full URL
https://images.telegram.hr/mKPFS4zdt-Z2_vEg7dRk1Oy10KEIVo7EgKZXmLPLam4/preset:single1/aHR0cHM6Ly93d3cudGVsZWdyYW0uaHIvd3AtY29udGVudC91cGxvYWRzLzIwMjQvMTIvdGctbmFzbG92bmEta29sYXoxMC0xMi5qcGc.webp
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ecd4e5975adfc0a7eb58e493793d8d7a5fedd4fa352cffbeb4e4f3ce19db4f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

server
cloudflare
x-request-id
hTuXma5pQTvzjy1nDObhc
cache-control
max-age=315360000
cf-cache-status
HIT
age
418285
cf-ray
8f3df1537b96d2a4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
118092
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/webp
content-disposition
inline; filename="tg-naslovna-kolaz10-12.webp"
vary
Accept-Encoding
last-modified
Fri, 13 Dec 2024 12:45:33 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/nhamhfA6n_hKMa_Y7UpFyA37/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/nhamhfA6n_hKMa_Y7UpFyA37/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le4Y0caAAAAAI_E2k1sgXvWuXR8cViLC-iJIpEq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8001e254ead6ecd735e0e6fb4fa2a48118d681350da71f9db0d5baea5026f99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
age
12268
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 05:32:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 05:32:30 GMT
last-modified
Mon, 16 Dec 2024 03:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
223060
x-xss-protection
0
server
sffe
gtm.js
www.googletagmanager.com/
297 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TF4XJXD
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
313ae4abc5b9cc464a27d1b8cea9a03bf0ac97e533d881e2ee1bf834c0ed3ed3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99400
x-xss-protection
0
server
Google Tag Manager
truncated
/
691 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf1ae983fbe74fd1b7097edabd23ab5c0c90eb8481916216d5f6d9a571cb74c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
335751
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:41:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:41:07 GMT
last-modified
Tue, 19 Apr 2022 19:29:44 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21724
x-xss-protection
0
server
sffe
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
64291
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 15:05:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 15:05:27 GMT
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21144
x-xss-protection
0
server
sffe
7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
511338
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 10:54:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 10:54:40 GMT
last-modified
Tue, 19 Apr 2022 19:35:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
21796
x-xss-protection
0
server
sffe
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v35/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
85710
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:08:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:08:28 GMT
last-modified
Wed, 31 Jan 2024 23:11:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37764
x-xss-protection
0
server
sffe
7cHqv4kjgoGqM7E3p-ks51os.woff2
fonts.gstatic.com/s/barlow/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3p-ks51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
6563f08627fa2cd60c0c300318405b6f545f0d7f469df6ba87c9e31ecc987217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
85816
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:06:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:06:42 GMT
last-modified
Tue, 19 Apr 2022 19:13:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20992
x-xss-protection
0
server
sffe
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
9188
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 06:23:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 06:23:50 GMT
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20028
x-xss-protection
0
server
sffe
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
550220
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 00:06:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 00:06:38 GMT
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19780
x-xss-protection
0
server
sffe
0QIvMX1D_JOuMwT7I-NP.woff2
fonts.gstatic.com/s/lora/v35/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwT7I-NP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
dac40935c6c2eae15288f77ac1b1e9c2927598f0dd45bf65426dbbac45f4dfdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
335801
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:40:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:40:17 GMT
last-modified
Wed, 31 Jan 2024 23:11:41 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19952
x-xss-protection
0
server
sffe
7cHqv4kjgoGqM7E3t-4s6VospT4.woff2
fonts.gstatic.com/s/barlow/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s6VospT4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
68548b453a6799bd3dbe23d6025305801713b490b839dbf6fe03736cc712b514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
122926
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 22:48:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 22:48:12 GMT
last-modified
Tue, 19 Apr 2022 19:29:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13784
x-xss-protection
0
server
sffe
u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
fonts.gstatic.com/s/merriweather/v30/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-ciZMZ-Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
86243
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 08:59:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 08:59:35 GMT
last-modified
Tue, 26 Apr 2022 15:44:29 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18836
x-xss-protection
0
server
sffe
u-4m0qyriQwlOrhSvowK_l5-eRZAf-LHrw.woff2
fonts.gstatic.com/s/merriweather/v30/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZAf-LHrw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
e43db0a6d224f2c45ccc42e3a038bf4d560bd18810caeaf00a05289adbd999bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
86490
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 08:55:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 08:55:28 GMT
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18804
x-xss-protection
0
server
sffe
7cHqv4kjgoGqM7E3p-ks6VospT4.woff2
fonts.gstatic.com/s/barlow/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3p-ks6VospT4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
5ad49c15f3f437bc90c3ac9876571075f8c484bc39e07fd23e07c3907f264721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
86467
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 08:55:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 08:55:51 GMT
last-modified
Tue, 19 Apr 2022 19:05:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13124
x-xss-protection
0
server
sffe
7cHpv4kjgoGqM7E_Ass52Hs.woff2
fonts.gstatic.com/s/barlow/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_Ass52Hs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
e117aea294873c889a6118be17dedae219b12e46a4a039c420fbb032aa0acde5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
86198
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:00:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:00:20 GMT
last-modified
Tue, 19 Apr 2022 19:44:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13316
x-xss-protection
0
server
sffe
shutterstock-2410689083.jpg
www.telegram.hr/wp-content/uploads/2024/12/
11 MB
11 MB
Image
General
Full URL
https://www.telegram.hr/wp-content/uploads/2024/12/shutterstock-2410689083.jpg
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc8e2e754ccb57512f0c3d3bf9b6f48eb26d305f04dea10a051242f950efa196

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
cf-bgj
h2pri
etag
"67584181-b11a65"
age
6869
cf-cache-status
HIT
cf-ray
8f3df153fc69d2a4-FRA
accept-ranges
bytes
content-length
11606629
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/jpeg
last-modified
Tue, 10 Dec 2024 13:26:25 GMT
vary
Accept-Encoding
server
cloudflare
xgemius.js
gahr.hit.gemius.pl/
70 KB
20 KB
Script
General
Full URL
https://gahr.hit.gemius.pl/xgemius.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.95.172.70 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3214309.ip-141-95-172.eu
Software
GHC /
Resource Hash
f7373315d78ea2ec559283f354dbedd888cebc23121c38a5cca7126c7faf5ba6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
max-age=43200
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy
cross-origin
expires
Wed, 18 Dec 2024 20:56:58 GMT
accept-ranges
none
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-length
20492
date
Wed, 18 Dec 2024 08:56:58 GMT
last-modified
Wed, 11 Dec 2024 07:33:05 GMT
vary
Accept-Encoding,Origin
server
GHC
content-type
text/javascript
marfeel-sdk.js
sdk.mrf.io/statics/
170 KB
46 KB
Script
General
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1279
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec4dd4c24f0ad96c8a8b32b31fc0753a785a89c266f6f641ba91c82ee7319cb0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
233
x-response-time
5ms
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 18 Dec 2024 08:53:05 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=1800
x-envoy-upstream-service-time
17
cf-ray
8f3df1548aa971b9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
47253
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
158 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2317149376955370
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
5adfc89340b4e5826086ae4d91742964255337ca15ba4ade8e30282f247d5d3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
etag
15228777155903800478
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53752
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
6fb7042d6564a381484b51a6f5f4cbf7cb53eeb5bfa11d54969aae7620d7d196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
etag
849 / 20075 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33934
x-xss-protection
0
server
cafe
26072.js
micro.rubiconproject.com/prebid/dynamic/
524 KB
164 KB
Script
General
Full URL
https://micro.rubiconproject.com/prebid/dynamic/26072.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15 /
Resource Hash
c9eee3be9753ea5f5529998ae21f44fd0f8eceb39a42d1aa8f069386c0d33cf5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

edge-cache-tag
prod-prebid-26072_Telegram.js
cache-control
public, must-revalidate, max-age=14400
content-encoding
gzip
expires
Wed, 18 Dec 2024 09:53:23 GMT
content-length
167395
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript;charset=UTF-8
vary
accept-encoding, referer
server
Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15
apstag.js
c.amazon-adsystem.com/aax2/
345 KB
85 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f4218dbb17ff2c3421282ef9135e5375"
age
700
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront), 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HhSwY-5FGIpTe_oRMLGiqtV5Bx2yAdXiIgjxeDX-l7eZoC62UVzT4w==
date
Wed, 18 Dec 2024 08:45:20 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 22:50:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P6
x-amz-server-side-encryption
AES256
tag.min.js
get.s-onetag.com/6e633889-6cd5-4683-92df-76d605af6d4b/
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/6e633889-6cd5-4683-92df-76d605af6d4b/tag.min.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-114.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03d2faa0b923283fe8e53912ec748c6cc5065212818f853d750e3cca444e4598

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
x-amz-version-id
eYg_X0RsFBiwHnFuIdW2goDrW2085TwF
etag
W/"a05a2b87132d034763a90cb432706f0d"
age
665
via
1.1 5d328d2e734cff11e41c897ec72f465e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
v5-sFMmReI460Va_INPgpSMJbduq7j-Yv21jN6oEV23zbYh__dvF6Q==
date
Wed, 18 Dec 2024 08:45:54 GMT
content-type
application/javascript
last-modified
Wed, 18 Dec 2024 08:45:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
04167e6955ffc2f5c1fbec8dd63ed955bc67acc668aff6a00a3d4ce2b21527ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
etag
370631240377205121
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53262
x-xss-protection
0
server
cafe
door.js
script.dotmetrics.net/
12 KB
4 KB
Script
General
Full URL
https://script.dotmetrics.net/door.js?id=1179
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c11ed64.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-66.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
ba6dcfd133bc7de55cd202037f189e802472479e329029e12fcb28b6ece07643

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
private
content-encoding
br
etag
"1179...326.2024121808"
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
kiJHqZfaw_BH57fuu0yIQefhwjOfgyT5ApYtEmvqAVpkttuYUXplzw==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
FRA56-P2
remplib.js
campaign.telegram.hr/assets/lib/js/
67 KB
23 KB
Script
General
Full URL
https://campaign.telegram.hr/assets/lib/js/remplib.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c985ecc.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4e9530a90fdf9dce93f2c20c630b8d4c4adc64a1ca074a28a954d1fefbdc1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6731f1fd-10b84"
age
4032
x-content-type-options
nosniff
cf-ray
8f3df1558f50d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Mon, 11 Nov 2024 12:01:01 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
sameorigin
remplib.js
beam.telegram.hr/assets/lib/js/
169 KB
58 KB
Script
General
Full URL
https://beam.telegram.hr/assets/lib/js/remplib.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/c985ecc.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b1e19e953d83d3f25486ca0ce949ce23dd291c8155e4e232638dcdd137e2e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age=14400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6731f3d1-2a3f6"
age
1857
x-content-type-options
nosniff
cf-ray
8f3df1572a3cd2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Mon, 11 Nov 2024 12:08:49 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
sameorigin
tg_black_friday_bg.b39b593.jpg
www.telegram.hr/_nuxt/img/
305 KB
306 KB
Image
General
Full URL
https://www.telegram.hr/_nuxt/img/tg_black_friday_bg.b39b593.jpg
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b613bcd02291615f5024a7e01ddd315707569603e4de431d9580e68c29b6b593

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
cf-bgj
h2pri
etag
"67604f40-4c5a8"
age
5267
cf-cache-status
HIT
cf-ray
8f3df154bdc5d2a4-FRA
accept-ranges
bytes
content-length
312744
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/jpeg
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
tg_mockup_combo.efa99d5.png
www.telegram.hr/_nuxt/img/
287 KB
287 KB
Image
General
Full URL
https://www.telegram.hr/_nuxt/img/tg_mockup_combo.efa99d5.png
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec2d1b7bb60024a697211659b66c8cb45e26d0248e87d4bad59a46c4259b672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
HIT
etag
"67604f40-47aea"
age
1719
cf-ray
8f3df154bdc8d2a4-FRA
accept-ranges
bytes
content-length
293610
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/png
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
f4c62e1.modern.js
www.telegram.hr/_nuxt/
1 KB
885 B
Script
General
Full URL
https://www.telegram.hr/_nuxt/f4c62e1.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca76ae6ba1a396562e1d084d80951886fa393cc2d99606ae67663fa9c83f47d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"586-193cef4859b"
age
168219
x-agent47
MISS
cf-ray
8f3df154ee26d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 10:12:31 GMT
vary
Accept-Encoding
server
cloudflare
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
511339
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 12 Dec 2025 10:54:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 10:54:39 GMT
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19740
x-xss-protection
0
server
sffe
u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
85147
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:17:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:17:51 GMT
last-modified
Tue, 26 Apr 2022 15:45:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18416
x-xss-protection
0
server
sffe
7cHqv4kjgoGqM7E30-8s6VospT4.woff2
fonts.gstatic.com/s/barlow/v12/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s6VospT4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
f39ee9135a2f3b7589198d1ac499c9977a3550afc819083f078bd212d762d021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
85294
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:15:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:15:24 GMT
last-modified
Tue, 19 Apr 2022 19:35:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13876
x-xss-protection
0
server
sffe
stocks
www.telegram.hr/api/
620 B
679 B
XHR
General
Full URL
https://www.telegram.hr/api/stocks
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/2d950f1.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa8e1613b6810570b281268eea3ac8fe5a6e57e2285d55dfd38f8b7e3c2d7c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noindex, noarchive, noarchive
cf-edge-cache
cache,platform=wordpress
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link, Link
x-clacks-overhead
GNU Terry Pratchett, GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
access-control-allow-methods
GET
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Type
link
<https://www.telegram.hr/wp-json/>; rel="https://api.w.org/"
x-agent47
MISS, HIT
access-control-allow-credentials
true
allow
GET
cf-ray
8f3df154ee27d2a4-FRA
access-control-allow-origin
*
server
cloudflare
vijesti
www.telegram.hr/api/category/
211 KB
42 KB
XHR
General
Full URL
https://www.telegram.hr/api/category/vijesti
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/2d950f1.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228981171ed46be39b9aa684bd736951a664b1f1dbb5413968891b02424578c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noindex, noarchive, noarchive
cf-edge-cache
cache,platform=wordpress
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link, Link
x-clacks-overhead
GNU Terry Pratchett, GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
access-control-allow-methods
GET
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Type
link
<https://www.telegram.hr/wp-json/>; rel="https://api.w.org/"
x-agent47
MISS, HIT
access-control-allow-credentials
true
allow
GET
cf-ray
8f3df154ee28d2a4-FRA
access-control-allow-origin
*
server
cloudflare
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"7e91359b46e1da637080a03b759164fa"
age
2926
expires
Sat, 21 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
8f3df154df1f8fd6-FRA
server
cloudflare
sdk.js
connect.facebook.net/hr_HR/
254 KB
75 KB
Script
General
Full URL
https://connect.facebook.net/hr_HR/sdk.js?hash=944384af9e7d100acccc756c88b7aed5
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/hr_HR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.195.15 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mrs2.fbcdn.net
Software
/
Resource Hash
5eb00f8aabf348b3fc959e6096074de5aab38d9029c184619db51aaae402344e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

content-md5
C1Z+1U5YHPg/Vjnihna54w==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"6dbafb47c4d09c2e4042f64790721c2d"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 08:15:10 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
de016371e12dee81342cef9202205dcb
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=29, rtx=1, c=4, mss=1232, tbw=8507, tp=18, tpl=1, uplat=1, ullat=-1
x-fb-debug
K5Vj17URn9kVuZr8m5L3WSY749IepYxekxBI0UBaYRPwh0HnGButuVNSF6YTBs6uhu2n+D2wR5qjxa3cV3bfZw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
76691
origin-agent-cluster
?1
cx.js
cdn.cxense.com/
114 KB
37 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:983::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
459145908fcd4374a85bed15907b1f471c25107c604eca7f946ce5d3c7aa8aef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

Cache-Control
max-age=3600
Content-Encoding
gzip
Connection
keep-alive
Expires
Wed, 18 Dec 2024 09:56:58 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
37915
Date
Wed, 18 Dec 2024 08:56:58 GMT
Last-Modified
Mon, 02 Dec 2024 12:20:09 GMT
Content-Type
application/x-javascript
Server
AkamaiNetStorage
Vary
Accept-Encoding
f585544.modern.js
www.telegram.hr/_nuxt/
35 KB
7 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/f585544.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a23e36cee22dec7137fad7f4c5b7ac96156aafd37c6637cf5f581e2f137d8ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"8bc4-193d035959b"
age
147197
x-agent47
MISS
cf-ray
8f3df1550e65d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
d33a5f3.modern.js
www.telegram.hr/_nuxt/
72 KB
13 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/d33a5f3.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93e2a078bf3308dda8564df13cb2b8768829b11a4a91927fa2bdbe905fc2e413

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"11f32-193cef485a3"
age
168246
x-agent47
MISS
cf-ray
8f3df1550e68d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 10:12:31 GMT
vary
Accept-Encoding
server
cloudflare
eb7829a.modern.js
www.telegram.hr/_nuxt/
27 KB
6 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/eb7829a.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cfad6480f7d66c2b1fe85ddbb488dc30108496896768f5a0cdcdfc383311289

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6b49-193d035959b"
age
147184
x-agent47
MISS
cf-ray
8f3df1550e69d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 16:03:12 GMT
vary
Accept-Encoding
server
cloudflare
69cf548.modern.js
www.telegram.hr/_nuxt/
33 KB
7 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/69cf548.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf434bbc38f0cd15704a4f332c7711bec1428bec45d7381dc27ab0345db1860

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"8309-193cef485ab"
age
168246
x-agent47
MISS
cf-ray
8f3df1550e6ad2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 10:12:31 GMT
vary
Accept-Encoding
server
cloudflare
4e3866c.modern.js
www.telegram.hr/_nuxt/
22 KB
4 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/4e3866c.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a657640544a74a0780c0c094e247422dc2aa73eb842cdd8cc0d0857dabc82c89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"56f0-193cef48587"
age
168246
x-agent47
MISS
cf-ray
8f3df1550e6dd2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 10:12:31 GMT
vary
Accept-Encoding
server
cloudflare
7f3d953.modern.js
www.telegram.hr/_nuxt/
27 KB
6 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/7f3d953.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a09173b3f04c5142e89732c9776a59630baa18926152f95c340a260aa3e57e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6a68-193d03595eb"
age
147185
x-agent47
MISS
cf-ray
8f3df1550e6fd2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 16:03:13 GMT
vary
Accept-Encoding
server
cloudflare
943e87a.modern.js
www.telegram.hr/_nuxt/
36 KB
8 KB
Script
General
Full URL
https://www.telegram.hr/_nuxt/943e87a.modern.js
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/_nuxt/cd86e4f.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c41708efa4897d3f9f92af5fae9d8271d5e72b752de27b2f220356b02a00acce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
public, max-age=31536000
x-clacks-overhead
GNU Terry Pratchett
content-encoding
gzip
cf-cache-status
HIT
etag
W/"8ef3-193d03595eb"
age
147184
x-agent47
HIT
cf-ray
8f3df1550e70d2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 16 Dec 2024 16:03:13 GMT
vary
Accept-Encoding
server
cloudflare
ingest.php
events.newsroom.bi/
165 B
906 B
Fetch
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1279
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy05.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.hr/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.telegram.hr
content-length
120
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
compass-multimedia-sdk.js
sdk.mrf.io/statics/
10 KB
4 KB
Script
General
Full URL
https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=2032
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1279
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff7c2f9419ec10b3aaa3c444ee1efbb62f13dff56da23a4e5b583a00a13ebf8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

access-control-max-age
3600
content-encoding
br
cf-cache-status
HIT
etag
W/"54d18575beb0ec8993f1ef11d11781a2"
age
2467
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
RSyfJ_pJtzoVgSuwbYI7XWHzEF12tDvsI_r-LpR686vxf5wC78g9pg==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Tue, 17 Dec 2024 11:27:31 GMT
vary
accept-encoding
priority
u=1,i=?0
server-timing
cfExtPri
cache-control
max-age=3600
timing-allow-origin
*
x-envoy-upstream-service-time
10
via
1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront)
cf-ray
8f3df1555b6271b9-FRA
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P3
server
cloudflare
x-amz-server-side-encryption
AES256
anchor
www.google.com/recaptcha/api2/ Frame 2C56
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4Y0caAAAAAI_E2k1sgXvWuXR8cViLC-iJIpEq&co=aHR0cHM6Ly93d3cudGVsZWdyYW0uaHI6NDQz&hl=de&v=nhamhfA6n_hKMa_Y7UpFyA37&size=invisible&cb=u0c3nzkqi46
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nhamhfA6n_hKMa_Y7UpFyA37/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MZtcoyRLXxcDUCcowovhGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegram.hr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MZtcoyRLXxcDUCcowovhGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 08:56:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
7cHrv4kjgoGqM7E_Cfs7wH8.woff2
fonts.gstatic.com/s/barlow/v12/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHrv4kjgoGqM7E_Cfs7wH8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
51d0115090b2cfd0cb581cbf62ee79bb94fdcb3f9c2432d39d3adacd8888ccef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
85809
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:06:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:06:49 GMT
last-modified
Tue, 19 Apr 2022 19:09:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23564
x-xss-protection
0
server
sffe
7cHrv4kjgoGqM7E_Cfs1wH8RnA.woff2
fonts.gstatic.com/s/barlow/v12/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHrv4kjgoGqM7E_Cfs1wH8RnA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,300;0,400;0,600;0,700;0,900;1,400&family=Lora:ital,wght@0,400;0,700;1,400&family=Merriweather:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=IBM+Plex+Mono:wght@500;600&family=Poppins:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
33a4da3f742e6a822d951e884be0d861579fdb2c78ba3172324ec2380a675da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
85425
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:13:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:13:13 GMT
last-modified
Tue, 19 Apr 2022 19:09:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14276
x-xss-protection
0
server
sffe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/
435 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2317149376955370&plah=www.telegram.hr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2317149376955370
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
61cf8fd78905adc0cafc518cd3d1aecb6d66495252f980e309ae72c18d1140c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
etag
5446316518697911768
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147912
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/
492 KB
153 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
etag
5395541545685299795
age
67952
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 14:04:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 17 Dec 2024 14:04:26 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
sdk.js
api-esp.piano.io/public/sdk/v04/
87 KB
28 KB
Script
General
Full URL
https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.144.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eab643670dc504450c8d5507277bb899bb8d7ebf22a848ec2ddb1e4c0472d50
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

access-control-max-age
36000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"15c6c-193b0284d2f"
age
2891
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
expires
Thu, 18 Dec 2025 08:08:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 10 Dec 2024 10:40:51 GMT
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
x-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
priority
u=3,i=?0
cache-control
max-age=31536000, public
access-control-allow-credentials
true
cf-ray
8f3df1564b6cd25e-FRA
access-control-allow-origin
api-esp.piano.io
server
cloudflare
execute
c2.piano.io/xbuilder/experience/
2 KB
2 KB
XHR
General
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=QuTHmVhFpu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.143.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4cc20092b979180f2e7f1a6d0642547326eedef9b0d580506a87eac0a1c5efd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.telegram.hr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/x-www-form-urlencoded

Response headers

x-request-id
ex3xq1okar
access-control-expose-headers
Composer-Request-Control-Policy
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/json
vary
Accept-Encoding, Origin
priority
u=1,i
strict-transport-security
max-age=86400; includeSubDomains
cache-control
no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f3df1565d992c4e-FRA
access-control-allow-origin
https://www.telegram.hr
server
cloudflare
411d9b5dce0285024aa9.js
sdk.mrf.io/statics/
73 KB
18 KB
Script
General
Full URL
https://sdk.mrf.io/statics/411d9b5dce0285024aa9.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=2032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd902aecc753dbf6717d61ad5ef104c181f04897d789de1ce5213936bacce3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

access-control-max-age
3600
content-encoding
br
cf-cache-status
HIT
etag
W/"14fcb5bd428903ad839950f58f62b302"
age
821
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
sTcdigyJ8KFH4KMVzHzr91X_QyNcbAEzQo0mgJue8zzhl2XOPvbhrw==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript;charset=UTF-8
last-modified
Tue, 17 Dec 2024 11:27:31 GMT
vary
accept-encoding
priority
u=1,i=?0
server-timing
cfExtPri
cache-control
max-age=3600
timing-allow-origin
*
x-envoy-upstream-service-time
30
via
1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
cf-ray
8f3df1562bfd71b9-FRA
access-control-allow-origin
*
x-amz-cf-pop
AMS58-P3
server
cloudflare
x-amz-server-side-encryption
AES256
rfv.php
events.newsroom.bi/data/
27 B
470 B
Fetch
General
Full URL
https://events.newsroom.bi/data/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1279
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy05.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.hr/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.telegram.hr
content-length
42
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
experiences
flowcards.mrf.io/json/
66 B
348 B
Fetch
General
Full URL
https://flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F&clid=df1b4fb1-3370-47c5-bfab-0e1999106d24&fvst=1734512218&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2024-12-17T07:53:18.000Z&qpa=utm_source,utm_medium,utm_campaign,utm_content&sdu=0&sid=1279&uexp=AC_ASxtbpUMQ5afc5nAGakPAw,l|1|m|1|w|1|d|1&useg=&utyp=0&u_src=Midas&u_mdm=Widget&u_cpg=12/2024%20-%20PBZ%20Card%20&u_cnt=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P&v=2
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1279
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
mrf-lb-hash
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/json; charset=utf-8
last-modified
Wed, 18 Dec 2024 08:56:58 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
private
x-envoy-upstream-service-time
3
cf-ray
8f3df156a97ddcb9-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
75
server
cloudflare
mrf-pod-name
marfeelcroupier-5f98bc5548-4d6kd
experiences
flowcards.mrf.io/json/ Frame
0
0
Preflight
General
Full URL
https://flowcards.mrf.io/json/experiences?url=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F&clid=df1b4fb1-3370-47c5-bfab-0e1999106d24&fvst=1734512218&geo=__INJECT_GEO__&ptch=0&pgv=1&pti=2024-12-17T07:53:18.000Z&qpa=utm_source,utm_medium,utm_campaign,utm_content&sdu=0&sid=1279&uexp=AC_ASxtbpUMQ5afc5nAGakPAw,l|1|m|1|w|1|d|1&useg=&utyp=0&u_src=Midas&u_mdm=Widget&u_cpg=12/2024%20-%20PBZ%20Card%20&u_cnt=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P&v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
mrf-lb-hash
Access-Control-Request-Method
GET
Origin
https://www.telegram.hr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,mrf-lb-hash
access-control-allow-methods
DELETE,POST,GET,PUT,PATCH
access-control-allow-origin
*
access-control-max-age
2592001
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3df1567913dcb9-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
mrf-pod-name
marfeelcroupier-5f98bc5548-dgck7
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
x-envoy-upstream-service-time
1
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
67952
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 14:04:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 17 Dec 2024 14:04:26 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
hit.gif
script.dotmetrics.net/
43 B
704 B
Image
General
Full URL
https://script.dotmetrics.net/hit.gif?id=1179&url=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&dom=www.telegram.hr&r=1734512218618&pvs=1&ecid=279ad865-1265-4794-b824-f9cffe1bc728&dc=e4d4a769-2424-41b0-afc1-3bd178fe6379&c=true&tzOffset=-60&doorUrl=http%3a%2f%2fscript.dotmetrics.net%2fdoor.js%3fid%3d1179&dfph=&ver=326
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-66.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
no-cache
dotmetrics-hit-status
01 OK
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
BCv2FS6E94_AFH74zQMqlkHnQp7ExHRibzwy-JdHrktNWUoXfyPLsg==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/gif
x-amz-cf-pop
FRA56-P2
server
Kestrel
web
onesignal.com/api/v1/sync/4a5a4862-40d1-42f0-b324-85812703ccc5/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/4a5a4862-40d1-42f0-b324-85812703ccc5/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
961c659da746f6df2603eb0133084a97e3a77a5d0d1482750ada5ef637c53402
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

x-request-id
89071cda-a163-4753-bc5f-e99667f6cb67
content-encoding
br
cf-cache-status
HIT
etag
W/"961c659da746f6df2603eb0133084a97"
age
3483
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 09:56:58 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.039864
priority
u=3,i=?0
access-control-allow-headers
SDK-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=3600
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 google
cf-ray
8f3df1568dd09bdc-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/411d9b5dce0285024aa9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-sHCay8fzobnAlUbk3aYTdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
4umfgysht4
www.clarity.ms/tag/
920 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/4umfgysht4?ref=gtm2
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2f2024+-+PBZ+Card+&utm_content=ROK+JE+DO+31.+SIJEcNJA+2025%2c+P
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
063beb8872b0692b34e801904dddba8514058f109688de385c808f5f8801b4af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
920
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/x-javascript
x-azure-ref
20241218T085658Z-17f9fbfbcd79h4hmhC1FRAsmrs00000002gg000000009v45
js
www.googletagmanager.com/gtag/
409 KB
132 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9WS0P831P6&l=dataLayer&cx=c&gtm=45He4cc1v812726353za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF4XJXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ae009789bfc381ef27212d5a941a751cd9cf2102cf7c995f3b438ba0f4da59a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 08:56:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134936
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TF4XJXD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.195.15 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mrs2.fbcdn.net
Software
/
Resource Hash
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-iWmsdpz9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-iWmsdpz9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1889, tp=5, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
Kv7KF3trtsXitDxhKRrOa52w1+U5wQk1Oepdo68unieiViduNFDJa2/e7Ymj2zU2umdaf1dO5x6gDX4SHaANSg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62287
x-xss-protection
0
origin-agent-cluster
?1
/
onetag-geo.s-onetag.com/
555 B
961 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6e633889-6cd5-4683-92df-76d605af6d4b/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
max-age=86400
x-amz-apigw-id
C7cxAHPIiYcEKLQ=
age
85179
x-amzn-requestid
2f367afb-b7e9-4962-b9b7-9a6210811efc
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront), 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
555
x-amz-cf-id
HJh_Pnheq398x8B3PFRjED_1UocbaT_Rn-CkdQzyoHJuCbDoNh6Plg==
date
Tue, 17 Dec 2024 09:17:19 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P7, FRA56-P5
beacon.min.js
signal-beacon.s-onetag.com/
28 KB
10 KB
Script
General
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6e633889-6cd5-4683-92df-76d605af6d4b/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9507d30d1cf0af2969ef782d8ae1bcd30e2661d9dc1d34902f910d7bf4f69ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
br
x-amz-version-id
aj1YsgH1MGnrIfPJsteRLKzpDSAwGe4z
etag
W/"0813c877102c870cb9d4fc094d38cca8"
age
25756
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
rk5y7H65k5AQbAT9SlilQBrwGABG5KAVJmfmn5h2GWPg0B3_6sw0FQ==
date
Wed, 18 Dec 2024 06:57:22 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 14:06:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
jquery-2.2.0.min.js
code.jquery.com/
84 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
etag
W/"28feccc0-14e55"
age
4471303
x-cache
HIT, HIT
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
13, 58749
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21967-LGA, cache-fra-etou8220117-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1734512219.700641,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29875
server
nginx
sp1.html
cdn.cxense.com/ Frame 6CD5
0
0
Document
General
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:99b::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://www.telegram.hr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Wed, 18 Dec 2024 08:56:58 GMT
Expires
Sat, 28 Dec 2024 08:56:58 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
1092744
fundingchoicesmessages.google.com/i/
197 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/1092744?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5e238baae99884db2bb1abeb544ec06376fd29dfe7e1db76f38fb7207db105f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7w6dt_rCdFmBEo0HXtpmuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_Fw3JrTtZtNYMPvdV-YlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQyN9AwM4wsMAJjVRd8"
content-security-policy
script-src 'report-sample' 'nonce-7w6dt_rCdFmBEo0HXtpmuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
showtime.php
campaign.telegram.hr/vendor/campaign/
213 B
233 B
Script
General
Full URL
https://campaign.telegram.hr/vendor/campaign/showtime.php?data=%7B%22version%22%3A1%2C%22browserId%22%3A%2229e155fa-b2dc-4bd4-8e41-a9efdfe5d372%22%2C%22language%22%3A%22de-DE%22%2C%22url%22%3A%22https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P%22%2C%22referer%22%3Anull%2C%22sessionReferer%22%3Anull%2C%22campaigns%22%3A%7B%7D%2C%22campaignsSession%22%3A%7B%7D%2C%22cache%22%3Anull%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22usingAdblock%22%3Afalse%7D&callback=rempcampaign_callback_json0
Requested by
Host: campaign.telegram.hr
URL: https://campaign.telegram.hr/assets/lib/js/remplib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.14
Resource Hash
9a699a0e7849712ae935d2914de30da74cbe022998c1d48d6a23c7d0e2470344
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8f3df1572a3ed2a4-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
vary
Accept-Encoding
x-powered-by
PHP/8.2.14
server
cloudflare
x-frame-options
sameorigin
script.js
script.dotmetrics.net/Scripts/
73 KB
29 KB
Script
General
Full URL
https://script.dotmetrics.net/Scripts/script.js?v=326
Requested by
Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/door.js?id=1179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-66.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
1272afdedfb1d84356150830e73ba22fb01023a194cf3865fe28660145b1eef2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

x-amz-cf-pop
FRA56-P2
content-encoding
br
etag
"1db40d60c3d2041"
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
x-amz-cf-id
wmEAdckBM97q_Vj9U6_XnmFHMHmELwO_ljbnPYfDwYvGaMXfBRRTGQ==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript
last-modified
Wed, 27 Nov 2024 14:10:01 GMT
vary
Accept-Encoding
server
Kestrel
adexConfig.js
adex.dotmetrics.net/
6 KB
6 KB
Script
General
Full URL
https://adex.dotmetrics.net/adexConfig.js?v=326&id=1179
Requested by
Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/door.js?id=1179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-17.fra60.r.cloudfront.net
Software
Kestrel /
Resource Hash
ded029b6e6b6636d6b26bdbdc2c6d6598674bf96a3df2b1fa3d0b4908ca24eb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
private
etag
"1179.12"
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
9fFZD0dcKujzIL07EDCyZujshl4uPGplkAzY6nZ2Jvuf2VU44Ya4PA==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript
last-modified
Sat, 28 Dec 2024 08:56:58 GMT
server
Kestrel
x-amz-cf-pop
FRA60-P4
px.gif
ad-delivery.net/
0
0
Fetch
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/26072.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1909687
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ER1RkZ2Iq2mblG7Pz38KpzKOStZoir7Q3b%2FtVHpqAE6rrWJUVIIkXL2pyL2Zd4Qdn4NcjQd2TYdcfa7Us1ge0s%2BQwpif81sgG%2BhKvJmEs%2FcOUGcTjdMLtzPcyz50fpjCXnTqlMf6jMERW84dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Tue, 26 Nov 2024 06:43:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=6753&min_rtt=6397&rtt_var=1549&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4029&recv_bytes=2283&delivery_rate=510898&cwnd=248&unsent_bytes=0&cid=e7a91639ff3c2e02&ts=39&x=0"
x-goog-stored-content-length
43
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7RA-H9DGZHEfpbeAGdy2ORzEL87tonY_T1X3L9G2Cl6ME0kkMjzXSFQRtTGat1Tzz6PZM
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f3df1574b295d9f-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
1001-pbjs-floors.json
secure-assets.rubiconproject.com/floors/
0
0
Fetch
General
Full URL
https://secure-assets.rubiconproject.com/floors/1001-pbjs-floors.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/26072.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
max-age=1500
content-encoding
gzip
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-origin
*
content-length
20
date
Wed, 18 Dec 2024 08:56:58 GMT
last-modified
Wed, 18 Dec 2024 08:41:03 GMT
content-type
application/json
server
Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241218
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/26072.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4b2b497079ccd9b8d47a1507f7dee10fff2554359c1f34ff599c5e9e89e51228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.hr/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"63b-NUprMldNn+6tTtXZ0Usyzj7ttbA"
age
17763
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220128-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
854
x-jsd-version
1.0.2273
www-widgetapi.js
www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/
30 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/03dbdfab/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
age
2036
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 08:23:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:23:02 GMT
last-modified
Mon, 16 Dec 2024 05:14:15 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
280
api-esp.piano.io/publisher/fusion/lucid/data/ Frame
0
0
Preflight
General
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/280?email=&visitor=&stored_visitor=&pnespid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.144.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.telegram.hr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.telegram.hr
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3df1576c79bb73-FRA
date
Wed, 18 Dec 2024 08:56:58 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=86400; includeSubDomains
280
api-esp.piano.io/publisher/fusion/lucid/data/
464 B
816 B
XHR
General
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/280?email=&visitor=&stored_visitor=&pnespid=
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.144.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a0f37e644ff99c3368dc4365d11dd5fe89162e5a228050093a2c21efc9c12d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.telegram.hr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json

Response headers

access-control-max-age
36000
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"1d0-nrQHtdnzfa+DvQIfMp0dDfdJ6Ds"
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
x-cache-status
BYPASS
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-credentials
true
cf-ray
8f3df1581f28d25e-FRA
access-control-allow-origin
https://www.telegram.hr
server
cloudflare
1132408460152629
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1132408460152629?v=2.9.179&r=stable&domain=www.telegram.hr&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.195.15 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-mrs2.fbcdn.net
Software
/
Resource Hash
68fef3914c94748f3804dbf707788b1a86af680fae467f17fb2e1a6af1fa4f3f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3XY2WWjM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3XY2WWjM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=75, mss=1232, tbw=68384, tp=64, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
iJSzSkIW7Ut0FJCIKdmw+ba/br02PC4tKlxCOeyMABBoR/IfdE11UNWyMgXYysqMmMKwZiWElzsCefC+2Qjvpg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
id
id.cxense.com/public/user/
103 B
612 B
Script
General
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22m4tnshc069mspz55%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%223see8pspjfi0tv9e74x3pyk10%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%223see8pspjfi0tv9e74x3pyk10%22%7D%5D%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
7aed69c13a30c6be26da38a151658f4387e8c69bc5c4e9686fe971a9625e718a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
103
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript;charset=utf-8
server
Jetty(9.4.28.v20200408)
fpdata.js
gahr.hit.gemius.pl/
291 B
405 B
Script
General
Full URL
https://gahr.hit.gemius.pl/fpdata.js?href=www.telegram.hr
Requested by
Host: gahr.hit.gemius.pl
URL: https://gahr.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.95.172.70 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3214309.ip-141-95-172.eu
Software
GHC /
Resource Hash
c89438047e90dc12d2daf3ae03e7a3c532e9cd623c9ff50754032e04d0dd3878

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
private, max-age=2592000
etag
PRIVATE7520710249
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy
cross-origin
expires
Fri, 17 Jan 2025 08:56:58 GMT
accept-ranges
none
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-length
291
date
Wed, 18 Dec 2024 08:56:58 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
content-type
text/javascript
server
GHC
lsget.html
ls.hit.gemius.pl/ Frame 1200
0
0
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gahr.hit.gemius.pl
URL: https://gahr.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash

Request headers

Referer
https://www.telegram.hr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2811
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 08:56:58 GMT
etag
PRIVATE7520710249
expires
Fri, 17 Jan 2025 08:56:58 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
AGSKWxV-EvPLzfilOiDdg7SVbd-D2uLI5gpSL7_ihrmDPDqR7byNXoh_5VVDrifuXbBoKBSIZBwUTqz909jiAJWD43cCS2bBDUiwCIP_IeRcPi6zrfYG4ZG70aB_5vkyCCOzidEEEoV_UA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV-EvPLzfilOiDdg7SVbd-D2uLI5gpSL7_ihrmDPDqR7byNXoh_5VVDrifuXbBoKBSIZBwUTqz909jiAJWD43cCS2bBDUiwCIP_IeRcPi6zrfYG4ZG70aB_5vkyCCOzidEEEoV_UA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R84fx2NHL8ld7jI5NhJBqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.hr/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIfj1pyu3WwCGzY3bGVWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoZGegZm8QUGAODeKoY"
content-security-policy
script-src 'report-sample' 'nonce-R84fx2NHL8ld7jI5NhJBqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.telegram.hr
content-length
0
x-xss-protection
0
server
ESF
AGSKWxURMYRVyW-zAo7QsKArIZUxLHDJpfiioNIJjn3OpUh5Z1dOuYFLH9hZhlwtQHRcHbmUjjCW2GAkeM8J1mmXo5SQ07dyYnhSHkPQPi_jnbAzyTNeakX_AaT7lLBauLGYXeE9o1e4Xg==
fundingchoicesmessages.google.com/f/
470 KB
67 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxURMYRVyW-zAo7QsKArIZUxLHDJpfiioNIJjn3OpUh5Z1dOuYFLH9hZhlwtQHRcHbmUjjCW2GAkeM8J1mmXo5SQ07dyYnhSHkPQPi_jnbAzyTNeakX_AaT7lLBauLGYXeE9o1e4Xg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NTEyMjE4LDg4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudGVsZWdyYW0uaHIvcGFydG5lcmkvcmlqZXNpLWt2aXotZG96bmFqLW5hanBvcHVsYXJuaWplLWRlc3RpbmFjaWplLXphLXB1dG92YW5qYS1pLWtha28tZG8tbmppaC11LTIwMjUvIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZGUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg4MjQ3XSxudWxsLDBdIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acf5b6b30dbd3d0f6a04092c6e98f0b7d7daeeebb1d7ea4c31454983aec3fc8f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5IhNIiDWXEV-zEP5CHenjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw05BikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_Fw3JrTtZtN4MLZpUeZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQyN9AwM4wsMAJNbRaQ"
content-security-policy
script-src 'report-sample' 'nonce-5IhNIiDWXEV-zEP5CHenjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adexScript.js
adex.dotmetrics.net/Scripts/
29 KB
29 KB
Script
General
Full URL
https://adex.dotmetrics.net/Scripts/adexScript.js?v=12
Requested by
Host: adex.dotmetrics.net
URL: https://adex.dotmetrics.net/adexConfig.js?v=326&id=1179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-17.fra60.r.cloudfront.net
Software
Kestrel /
Resource Hash
9ed1cb846d756c6ce0bce92440fa151f72fe10d34cb5e94fe0e6a0147c0fc376

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

etag
"1db0daf660b7d7a"
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
29562
x-amz-cf-id
-defik1YzNYdH5Cpaj7D98I2WppREJav4hz6IGQmTKHiiHMtw64ZGw==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript
last-modified
Mon, 23 Sep 2024 11:54:52 GMT
server
Kestrel
x-amz-cf-pop
FRA60-P4
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4umfgysht4?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

x-azure-ref
20241218T085659Z-17f9fbfbcd79h4hmhC1FRAsmrs00000002gg000000009v4p
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD1DD41438CC6B"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
3624efed-701e-0001-276e-507107000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 13:18:06 GMT
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1132408460152629&ev=PageView&dl=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&rl=&if=false&ts=1734512218940&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1734512218939.944866272170380611&ler=empty&cdl=API_unavailable&it=1734512218808&coo=false&tm=1&rqm=GET
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.195.35 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-mrs2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4543, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1132408460152629&ev=PageView&dl=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&rl=&if=false&ts=1734512218940&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1734512218939.944866272170380611&ler=empty&cdl=API_unavailable&it=1734512218808&coo=false&tm=1&rqm=FGET
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.195.35 Marseille, France, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-mrs2.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449673255274055593"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449673255274055593"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
3WnChUw1FnuA5Md3SkTIuLdnwyViG4D+cPmYoxHT7cErEgur33qskDU/Qs97TOfU7m0Z8DKmGi8HaLuOMQ+1oA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449673255274055593", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4911, tp=13, tpl=0, uplat=301, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
rexdot.js
gahr.hit.gemius.pl/__/_1734512218941/
Redirect Chain
  • https://gahr.hit.gemius.pl/_1734512218941/rexdot.js?l=100&sendf=24&id=nSblbvtw7YnzUiC8AtarvJdS3yggumM2F_xjEZ.9W1..57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.t...
  • https://gahr.hit.gemius.pl/__/_1734512218941/rexdot.js?l=100&sendf=24&id=nSblbvtw7YnzUiC8AtarvJdS3yggumM2F_xjEZ.9W1..57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fww...
167 B
654 B
Script
General
Full URL
https://gahr.hit.gemius.pl/__/_1734512218941/rexdot.js?l=100&sendf=24&id=nSblbvtw7YnzUiC8AtarvJdS3yggumM2F_xjEZ.9W1..57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=j5UqRxdt71vYG535zOOEQwKRoL0.ism_V3W0bbHU1QL.X7h.Zy7OeBvVb7xYnjwJVx6Vzl5I7EZ2bzViTClfaGHvs_qD/v95mQH0ccsSWM/&fpdata=N_V74fPpdNInbovY8XZOhKhE_RRCsxLEZLp_zoQ1Lkn.47%7C1734512218%7C2%7C%7C%7C8%2C3%2C32&ltime=107&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67628e5a31b2edf5&brts=1734512218&fpcap=
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H2
Server
141.95.172.70 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3214309.ip-141-95-172.eu
Software
GHC /
Resource Hash
d659d273de75424683c1696dfda926c280bf3ad2e6568fb6e6a3353f6f224775

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy
cross-origin
expires
Tue, 17 Dec 2024 08:56:58 GMT
accept-ranges
none
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-length
167
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
text/javascript
server
GHC

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
location
/__/_1734512218941/rexdot.js?l=100&sendf=24&id=nSblbvtw7YnzUiC8AtarvJdS3yggumM2F_xjEZ.9W1..57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-60&fv=-&href=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=j5UqRxdt71vYG535zOOEQwKRoL0.ism_V3W0bbHU1QL.X7h.Zy7OeBvVb7xYnjwJVx6Vzl5I7EZ2bzViTClfaGHvs_qD/v95mQH0ccsSWM/&fpdata=N_V74fPpdNInbovY8XZOhKhE_RRCsxLEZLp_zoQ1Lkn.47%7C1734512218%7C2%7C%7C%7C8%2C3%2C32&ltime=107&fr=1&ref=&inner=_ver%3D355%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=67628e5a31b2edf5&brts=1734512218&fpcap=
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
cross-origin-resource-policy
cross-origin
expires
Tue, 17 Dec 2024 08:56:58 GMT
accept-ranges
none
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-length
0
date
Wed, 18 Dec 2024 08:56:58 GMT
server
GHC
pageview
tracker.telegram.hr/track/ Frame
0
0
Preflight
General
Full URL
https://tracker.telegram.hr/track/pageview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.telegram.hr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.telegram.hr
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
8f3df158c8d0377b-FRA
date
Wed, 18 Dec 2024 08:56:59 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Origin
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block
pageview
tracker.telegram.hr/track/
0
41 B
XHR
General
Full URL
https://tracker.telegram.hr/track/pageview
Requested by
Host: beam.telegram.hr
URL: https://beam.telegram.hr/assets/lib/js/remplib.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.telegram.hr/

Response headers

access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
8f3df1595984377b-FRA
access-control-allow-origin
https://www.telegram.hr
content-length
0
date
Wed, 18 Dec 2024 08:56:59 GMT
vary
Origin
server
cloudflare
urls-in-measurement
script.dotmetrics.net/
10 B
876 B
XHR
General
Full URL
https://script.dotmetrics.net/urls-in-measurement?1734512218971
Requested by
Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/Scripts/script.js?v=326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-66.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
5fc309ad769fc55d6a47ef712091b8f615ddef24ee5613adbf1031777541853a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.hr/

Response headers

cache-control
no-cache
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.telegram.hr
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
WHzHMBbpYa7ju0zTZbeeHKr_1TnUVr2JSRAsoiAXKaV_KLrLS2QcPA==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
FRA56-P2
access-control-allow-headers
Content-Type, Authorization, Accept, X-Requested-With
SiteEvent.dotmetrics
script.dotmetrics.net/
398 B
997 B
Script
General
Full URL
https://script.dotmetrics.net/SiteEvent.dotmetrics?r=1734512218972&v=eyJpZCI6MTE3OSwiZmwiOnRydWUsImRvbSI6Ind3dy50ZWxlZ3JhbS5ociIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cudGVsZWdyYW0uaHIvcGFydG5lcmkvcmlqZXNpLWt2aXotZG96bmFqLW5hanBvcHVsYXJuaWplLWRlc3RpbmFjaWplLXphLXB1dG92YW5qYS1pLWtha28tZG8tbmppaC11LTIwMjUvP3V0bV9zb3VyY2U9TWlkYXMmdXRtX21lZGl1bT1XaWRnZXQmdXRtX2NhbXBhaWduPTEyJTJGMjAyNCUyMC0lMjBQQlolMjBDYXJkJTIwJnV0bV9jb250ZW50PVJPSyUyMEpFJTIwRE8lMjAzMS4lMjBTSUpFY05KQSUyMDIwMjUsJTIwUCIsInJ1cmwiOiIiLCJlY2lkIjoiMjc5YWQ4NjUtMTI2NS00Nzk0LWI4MjQtZjljZmZlMWJjNzI4IiwiZGMiOiJlNGQ0YTc2OS0yNDI0LTQxYjAtYWZjMS0zYmQxNzhmZTYzNzkiLCJ2ZXIiOjMyNiwiZGZwaCI6IiIsInR6T2Zmc2V0IjotNjAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D
Requested by
Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/Scripts/script.js?v=326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-66.fra56.r.cloudfront.net
Software
Kestrel /
Resource Hash
e53a3d85b721ce37aabd7e78683b111b993319df2f7ba394616a834ae751ef2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
no-cache
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
p3p
policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
UM8qmxb57JV9ILGQ-1p36bp-QEf4PrJ-47LQbsXsJdE23ZotARmK6g==
date
Wed, 18 Dec 2024 08:56:58 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Kestrel
x-amz-cf-pop
FRA56-P2
css
fonts.googleapis.com/
114 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyINW46jW7ouPN67RhawIvMEnwG5g/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 18 Dec 2024 08:56:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 18 Dec 2024 08:56:59 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
TW1KFIC7nnCBisaeFIm_4uRtaFTlW8Bn_njV1-SWJsp_yo--EMhM5X_KvR63F8GHURjBwdp_ZaWDoxA9pOEcP32elo1rPMowB3BIj0qY5gmKrvkh78rR6A=h60
lh3.googleusercontent.com/
4 KB
4 KB
Image
General
Full URL
https://lh3.googleusercontent.com/TW1KFIC7nnCBisaeFIm_4uRtaFTlW8Bn_njV1-SWJsp_yo--EMhM5X_KvR63F8GHURjBwdp_ZaWDoxA9pOEcP32elo1rPMowB3BIj0qY5gmKrvkh78rR6A=h60
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f9e9e500bbfcaa8fde17c520e237f9c82862966f800d3ae7475cf3b39481d6a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
11666
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 05:42:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 05:42:33 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
3876
x-xss-protection
0
server
fife
554
api-esp.piano.io/tracker/lucid/visit/ Frame
0
0
Preflight
General
Full URL
https://api-esp.piano.io/tracker/lucid/visit/554?story_url=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&visitor=boceikusx50vmxru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.144.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.telegram.hr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.telegram.hr
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3df158fdf5bb73-FRA
date
Wed, 18 Dec 2024 08:56:59 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=86400; includeSubDomains
554
api-esp.piano.io/tracker/lucid/visit/
81 B
568 B
XHR
General
Full URL
https://api-esp.piano.io/tracker/lucid/visit/554?story_url=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&visitor=boceikusx50vmxru
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.144.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1d81ca58ea614bea9da2a6ba55b756bf6666c0b72da113d341967f46a3e70a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.telegram.hr/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json

Response headers

access-control-max-age
36000
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"51-wd6n/GCGrLYOGUpsop+PSxp7qNU"
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
application/json; charset=utf-8
vary
X-HTTP-Method-Override
priority
u=1,i
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-credentials
true
cf-ray
8f3df159a99fd25e-FRA
access-control-allow-origin
https://www.telegram.hr
server
cloudflare
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

age
125856
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://www.telegram.hr/

Response headers

age
3822
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 07:53:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 07:53:17 GMT
last-modified
Thu, 14 Dec 2023 02:00:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35328
x-xss-protection
0
server
sffe
AGSKWxV-EvPLzfilOiDdg7SVbd-D2uLI5gpSL7_ihrmDPDqR7byNXoh_5VVDrifuXbBoKBSIZBwUTqz909jiAJWD43cCS2bBDUiwCIP_IeRcPi6zrfYG4ZG70aB_5vkyCCOzidEEEoV_UA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV-EvPLzfilOiDdg7SVbd-D2uLI5gpSL7_ihrmDPDqR7byNXoh_5VVDrifuXbBoKBSIZBwUTqz909jiAJWD43cCS2bBDUiwCIP_IeRcPi6zrfYG4ZG70aB_5vkyCCOzidEEEoV_UA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4bB6Ih0yVyBMmvkj0hyCkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.hr/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvj9pyu3WwCO_4cFlNyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhkZ6BmbxBQYAyzEqdQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4bB6Ih0yVyBMmvkj0hyCkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.telegram.hr
content-length
0
x-xss-protection
0
server
ESF
AGSKWxV-EvPLzfilOiDdg7SVbd-D2uLI5gpSL7_ihrmDPDqR7byNXoh_5VVDrifuXbBoKBSIZBwUTqz909jiAJWD43cCS2bBDUiwCIP_IeRcPi6zrfYG4ZG70aB_5vkyCCOzidEEEoV_UA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV-EvPLzfilOiDdg7SVbd-D2uLI5gpSL7_ihrmDPDqR7byNXoh_5VVDrifuXbBoKBSIZBwUTqz909jiAJWD43cCS2bBDUiwCIP_IeRcPi6zrfYG4ZG70aB_5vkyCCOzidEEEoV_UA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nNApqHSaMGuc3ke2vXXrYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.hr/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiJvj9pyu3WwCC77NkFByScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhkZ6BmbxBQYAvYIqPQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nNApqHSaMGuc3ke2vXXrYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.telegram.hr
content-length
0
x-xss-protection
0
server
ESF
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
age
2899
expires
Fri, 17 Jan 2025 08:56:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
text/css
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=2592000
via
1.1 google
cf-ray
8f3df15928b79bdc-FRA
server
cloudflare
icon
onesignal.com/api/v1/apps/4a5a4862-40d1-42f0-b324-85812703ccc5/
248 B
825 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/4a5a4862-40d1-42f0-b324-85812703ccc5/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651372f0c8f21d1f49948dc40a72225ed60a3ae9b6d3596f77ab891fe3beae5b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

x-request-id
d99439d3-ddd7-4b90-989c-8733cc37fd2f
content-encoding
br
cf-cache-status
HIT
etag
W/"651372f0c8f21d1f49948dc40a72225e"
age
0
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.018565
priority
u=1,i
access-control-allow-headers
SDK-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 google
cf-ray
8f3df15969c64dc4-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
NiH1XNBNR3LTlnWTxDVL_t_logo.png
img.onesignal.com/permanent/42dc5623-940b-4191-905a-1a8c957e4822/
540 B
1 KB
Image
General
Full URL
https://img.onesignal.com/permanent/42dc5623-940b-4191-905a-1a8c957e4822/NiH1XNBNR3LTlnWTxDVL_t_logo.png
Requested by
Host: www.telegram.hr
URL: https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20aa25c9846e4985ac6904971cff612e421bf767246f59b5e61a2584e34a2ebb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=e9yFTQ==, md5=u7+uIgf1/WSdIpE+JxnGyQ==
cf-bgj
imgq:85,h2pri
etag
"-COyPwN2os4kDEAE="
age
929
cf-cache-status
HIT
x-goog-stored-content-encoding
identity
expires
Sat, 18 Jan 2025 08:56:59 GMT
cf-polished
origSize=2773, status=vary_header_present
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
2773
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
image/png
last-modified
Tue, 29 Oct 2024 09:52:39 GMT
vary
Origin, Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AHmUCY0H4IEVVeHRFNC9my1Pjkj_of5ThLFJ2FjZiBY44e_dlLp6WnUsgl3cY1jlvBEd69mhBl02xG_ZzQ
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=2678400
pragma
no-cache
x-goog-storage-class
STANDARD
cf-ray
8f3df159aa1f8fd6-FRA
x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
accept-ranges
bytes
x-goog-generation
1730195559024620
content-length
540
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.telegram.hr
Referer
https://fonts.googleapis.com/

Response headers

age
335811
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
collect
k.clarity.ms/
0
279 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.telegram.hr/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.telegram.hr
Date
Wed, 18 Dec 2024 08:56:59 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9WS0P831P6&gtm=45je4cc1v880760283z8812726353za200zb812726353&_p=1734512218198&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tcfd=1000h&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1754002929.1734512219&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1734512218&sct=1&seg=0&dl=https%3A%2F%2Fwww.telegram.hr%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&dt=Rije%C5%A1i%20kviz%2C%20doznaj%20najpopularnije%20destinacije%20za%20putovanja%20i%20kako%20do%20njih%20u%202025.%20%7C%20Telegram.hr&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page=%2Fpartneri%2Frijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025%2F%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P&tfd=2213
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9WS0P831P6&l=dataLayer&cx=c&gtm=45He4cc1v812726353za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.telegram.hr
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
text/plain
server
Golfe2
collect
k.clarity.ms/
0
279 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.telegram.hr/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.telegram.hr
Date
Wed, 18 Dec 2024 08:57:00 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
921fe99d-b739-4d25-b89d-df067f627a6a
config.aps.amazon-adsystem.com/configs/
563 B
829 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/921fe99d-b739-4d25-b89d-df067f627a6a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-92.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
1064ba249c90277cb2f45d08b72ff30cf803444c0e91adca6684feb2a526dcbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
max-age=3600
age
3240
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
563
x-amz-cf-id
pY9jSK1tFQlTg2CVryLxO1cK5cGZ119BMUF3mv1dmwARIykADC0_1Q==
date
Wed, 18 Dec 2024 08:02:59 GMT
content-type
application/javascript
x-amz-cf-pop
FRA56-P8
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/
0
312 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.telegram.hr&pubid=921fe99d-b739-4d25-b89d-df067f627a6a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
18275
access-control-allow-credentials
true
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.telegram.hr
x-cache
Hit from cloudfront
x-amz-cf-id
tPgXIaNDX4jLC9YcCgAnPunZ1I-CKR_jp8RNnyjVTTIsx9l94p_LFg==
date
Wed, 18 Dec 2024 03:52:23 GMT
x-amz-cf-pop
FRA56-P6
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
28064
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
OTPeclLmN4iJkBbxPu5KA3QZnduh3qzFyinwXyLta0Ms1vtt9cWhZg==
date
Wed, 18 Dec 2024 01:22:41 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ingest.php
events.newsroom.bi/
2 B
779 B
Fetch
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1279
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy05.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.hr/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.telegram.hr
content-length
2
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
icon_64x64.bb1cc9.png
www.telegram.hr/_nuxt/icons/
572 B
748 B
Other
General
Full URL
https://www.telegram.hr/_nuxt/icons/icon_64x64.bb1cc9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.25.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13624806caa1a55a8b4e5fbc41ea2e8f91b5b482fbe5f7d67cdda27cb924a588

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/?utm_source=Midas&utm_medium=Widget&utm_campaign=12%2F2024%20-%20PBZ%20Card%20&utm_content=ROK%20JE%20DO%2031.%20SIJEcNJA%202025,%20P

Response headers

x-robots-tag
noarchive
cache-control
max-age=14400
x-clacks-overhead
GNU Terry Pratchett
cf-cache-status
HIT
etag
"67604f4f-23c"
age
6920
cf-ray
8f3df15ea9ead2a4-FRA
accept-ranges
bytes
content-length
572
date
Wed, 18 Dec 2024 08:56:59 GMT
content-type
image/png
last-modified
Mon, 16 Dec 2024 16:03:27 GMT
vary
Accept-Encoding
server
cloudflare
ingest.php
events.newsroom.bi/
2 B
779 B
Fetch
General
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1279
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy05.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.hr/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.telegram.hr
content-length
2
date
Wed, 18 Dec 2024 08:57:00 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
recirculation.php
events.newsroom.bi/recirculation/
12 B
716 B
Fetch
General
Full URL
https://events.newsroom.bi/recirculation/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1279
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy05.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.telegram.hr/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.telegram.hr
content-length
12
date
Wed, 18 Dec 2024 08:57:01 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/
266 B
488 B
XHR
General
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=QuTHmVhFpu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
841fd12b3363ebb949a9a90303453646539d09f79b5c9dfb4bbf31beddf2cc13
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Referer
https://www.telegram.hr/

Response headers

x-request-id
MaegoosQ7di
content-encoding
gzip
cf-cache-status
HIT
age
7515
expires
Wed, 18 Dec 2024 12:57:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 08:57:01 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 06:51:46 GMT
priority
u=1,i
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=14400
cf-ray
8f3df16a6ccf3626-FRA
access-control-allow-origin
*
server
cloudflare
collect
k.clarity.ms/
0
279 B
XHR
General
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.38.6 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.telegram.hr/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://www.telegram.hr
Date
Wed, 18 Dec 2024 08:57:01 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
adex.dotmetrics
adex.dotmetrics.net/
108 B
605 B
XHR
General
Full URL
https://adex.dotmetrics.net/adex.dotmetrics?1734512222998
Requested by
Host: adex.dotmetrics.net
URL: https://adex.dotmetrics.net/Scripts/adexScript.js?v=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-17.fra60.r.cloudfront.net
Software
Kestrel /
Resource Hash
c707615f134e20f42be436b71bc3b1de6aee7ed796e06826e50b76070f0b31a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.hr/

Response headers

cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, PUT, DELETE, OPTIONS
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.telegram.hr
x-cache
Miss from cloudfront
p3p
policyref="w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
x-amz-cf-id
_E05g0DQWsER82oOeTzFFQwJ7oeTiJRSUXDZvTR4g-ecqh6lxSYncA==
date
Wed, 18 Dec 2024 08:57:03 GMT
content-type
text/html
x-amz-cf-pop
FRA60-P4
server
Kestrel
access-control-allow-headers
Content-Type, Authorization, Accept, X-Requested-With

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client number| _gtm_init object| _gtm_ids function| _gtm_inject object| dataLayer object| __TELEGRAM__ object| Coral object| webpackJsonp function| installComponents function| setImmediate function| clearImmediate object| onTelegramReadyCbs function| onTelegramReady function| OneSignal object| $OneSignal object| FontAwesomeConfig object| ___FONT_AWESOME___ object| cX object| PianoESPConfig object| tp boolean| pp_gemius_use_cmp string| pp_gemius_identifier function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| marfeel string| prebid object| apstag object| googlefc object| googletag object| $nuxt object| $telegram object| dm object| remplib object| pbjs object| FB function| cxCCE_callQueueExecute object| cxTest object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass object| recaptcha object| closure_lm_95602 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| __buffer boolean| pnFullTPVersion number| pnInitPerformance object| pn string| __tpVersion object| SWG function| ___tp string| google_user_agent_client_hint object| webpackChunk_marfeel_compass_multimedia_sdk boolean| DotMetricsInitScript number| __oneSignalSdkLoadCount function| __jp0 object| ari function| onYouTubeIframeAPIReady object| google_tag_manager function| clarity function| fbq function| _fbq object| _fbq_gtm_ids object| __connect object| __platform function| disableCollapseDiv function| startInterval object| PianoESP object| __s object| instgrm function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| DotMetricsSettings object| pbjsChunk object| _pbjsGlobals object| regeneratorRuntime number| p object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| cXJsonpCB1 object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_cmd function| pp_gemius_cmd function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt function| _ object| DotmetricsJSON object| DotMetricsObj object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OTYyNDYxYWVmOGQzYzUyMWxvYWRlcl9qcw== string| OTYyNDYxYWVmOGQzYzUyMWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady boolean| DMAdexInitScript object| DMAdexSettings object| $jscomp function| Sizzle object| gaGlobal object| _aps boolean| apstagLOADED object| apscustom string| prop

45 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJNbFne5Bn9hb09jBB9-ySluxK6yyV0IHw_U9QyM-FMVtk5ZxLk1KkN9G8fcGHrUxtpRcvuvSGZZuiK4QL23Hw0
cdn.midas-network.com/ Name: MIDASPIXEL
Value: 05679afa-6f1f-46fe-a011-940fb3ca760d
.onesignal.com/ Name: __cf_bm
Value: _a8Q3BxWszkFbMsFEB3WxqDyhkU8ieFKR3zgEYHHDaQ-1734512218-1.0.1.1-UUlNHPbtdoraQNfTpW0kgWImzoFLb39o7HVMI8YirAgAYtDLtDb9EP.ASs58z2fvP_u4iPrPAIkASpHFZ8xWKQ
www.telegram.hr/ Name: ab_test
Value: b
.telegram.hr/ Name: ___nrbic
Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1734512218%2C%22currentVisitStarted%22%3A1734512218%2C%22sessionId%22%3A%22ee93dc5c-5c2a-4658-a8e1-7a009afa848f%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.telegram.hr/partneri/rijesi-kviz-doznaj-najpopularnije-destinacije-za-putovanja-i-kako-do-njih-u-2025/%3Futm_source%3DMidas%26utm_medium%3DWidget%26utm_campaign%3D12%252F2024%2520-%2520PBZ%2520Card%2520%26utm_content%3DROK%2520JE%2520DO%252031.%2520SIJEcNJA%25202025%2C%2520P%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3A%222024-12-17T07%3A53%3A18.000Z%22%7D
.telegram.hr/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1734512218%2C%22userId%22%3A%22df1b4fb1-3370-47c5-bfab-0e1999106d24%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1734512218%2C%22timesVisited%22%3A1%7D
.telegram.hr/ Name: compass_uid
Value: df1b4fb1-3370-47c5-bfab-0e1999106d24
.telegram.hr/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOAmADgBYAbEIDsIgMy8ArPwCccmSAC%2BQA
events.newsroom.bi/ Name: 1279_u
Value: df1b4fb1-3370-47c5-bfab-0e1999106d24
events.newsroom.bi/ Name: 1279_lv
Value: null
events.newsroom.bi/ Name: 1279_ut
Value: 0
.telegram.hr/ Name: _pcid
Value: %7B%22browserId%22%3A%22m4tnshc069mspz55%22%7D
.telegram.hr/ Name: campaigns
Value: {}
www.telegram.hr/ Name: DotMetrics.DomainCookie
Value: {"dc":"e4d4a769-2424-41b0-afc1-3bd178fe6379","ts":1734512218618}
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=bf912b77-50dd-4c88-918a-a665c4d02f77&Created=12/18/2024 08:56:58&UserMode=0&guid=0602bee1-1cd0-4505-9d0b-d5f208433b67&ver=1
.telegram.hr/ Name: cX_P
Value: m4tnshc069mspz55
.youtube.com/ Name: YSC
Value: 7RmMPWHmYsQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QaBK1yttfQw
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgYA%3D%3D
.telegram.hr/ Name: browser_id
Value: 29e155fa-b2dc-4bd4-8e41-a9efdfe5d372
.piano.io/ Name: __cf_bm
Value: DBjDJtXS2PN1gjxrGMGbwu7YY_FgXMvq8ADTpqUwrx8-1734512218-1.0.1.1-K1qlfJavTeY4NGp2lZovilOAqVmtenkosV23k2Z6Po3.Qv9DmJhCc0k5cOUhNq.lgCYZ3iW5lhPC11W5rPNeNw
.telegram.hr/ Name: pbjs_sharedId
Value: 09accff6-6d82-43b0-be1c-ce2a9aca7af3
.telegram.hr/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.telegram.hr/ Name: __tbc
Value: %7Bkpex%7DQvdr0wxSQ73g0WkbBt1H07S-Y7MtwDyd6CaAPYEXhsbIJ31uMcan3a0udG8LXWWe
.telegram.hr/ Name: __pat
Value: 3600000
.telegram.hr/ Name: __pvi
Value: eyJpZCI6InYtbTR0bnNoYzRzdmlyZHdhbSIsImRvbWFpbiI6Ii50ZWxlZ3JhbS5ociIsInRpbWUiOjE3MzQ1MTIyMTg3OTV9
.telegram.hr/ Name: xbc
Value: %7Bkpex%7DQhnSt7bdsxYD6wt0k-P1xw
.cxense.com/ Name: gckp
Value: cx:2gnj10jpvsxqf1hp6hvy3ql9uz:1lia9wezsenpo
.telegram.hr/ Name: utm_source
Value: Midas
.telegram.hr/ Name: utm_medium
Value: Widget
.telegram.hr/ Name: utm_campaign
Value: 12/2024 - PBZ Card
.telegram.hr/ Name: utm_content
Value: ROK JE DO 31. SIJEcNJA 2025, P
.telegram.hr/ Name: cX_G
Value: cx%3A2gnj10jpvsxqf1hp6hvy3ql9uz%3A1lia9wezsenpo
.telegram.hr/ Name: __gfp_64b
Value: N_V74fPpdNInbovY8XZOhKhE_RRCsxLEZLp_zoQ1Lkn.47|1734512218|2|||8,3,32
.telegram.hr/ Name: _fbp
Value: fb.1.1734512218939.944866272170380611
.telegram.hr/ Name: remp_session_id
Value: 0ddcf7df-e46e-4f10-98f5-f6abfdd0273d
.hit.gemius.pl/ Name: receive-cookie-deprecation
Value: 1
.hit.gemius.pl/ Name: Gtest
Value: KlGUuMXGQMQGBiSQiqCmBXlUssGMXP8c25nSGofBZHnBXBG.
www.telegram.hr/ Name: DM_SitId260
Value: 1
www.telegram.hr/ Name: DM_SitId260SecId1179
Value: 1
www.telegram.hr/ Name: pnespsdk_ssn
Value: %7B%22%24s%22%3A1734512219026%2C%22visitNumber%22%3A1%7D
www.telegram.hr/ Name: pnespsdk_visitor
Value: boceikusx50vmxru
.hit.gemius.pl/ Name: Gdyn
Value: KlQW7MGGQMQGBiSQiqCmBXlUssGMXP8c25nSGofBZHnBFRxSG7RrGS6GkoftFlMMYH7hRjBGqSRxSG8.
.hit.gemius.pl/ Name: Gdynp
Value: LMl7q44NGwvgPuoP.PSChXpNyAHgx87aVouyrXWloaj.B7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
adex.dotmetrics.net
api-esp.piano.io
beam.telegram.hr
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
campaign.telegram.hr
cdn.cxense.com
cdn.jsdelivr.net
cdn.midas-network.com
cdn.onesignal.com
cdn.tinypass.com
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
events.newsroom.bi
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gahr.hit.gemius.pl
get.s-onetag.com
id.cxense.com
images.telegram.hr
img.onesignal.com
k.clarity.ms
lh3.googleusercontent.com
ls.hit.gemius.pl
micro.rubiconproject.com
onesignal.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
region1.google-analytics.com
script.dotmetrics.net
sdk.mrf.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
talk.telegram.hr
tracker.telegram.hr
www.clarity.ms
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.instagram.com
www.telegram.hr
www.youtube.com
104.16.143.111
104.16.144.111
104.17.111.223
104.18.176.126
108.138.3.93
141.95.172.70
142.250.185.67
142.250.185.68
142.250.185.98
142.250.74.206
143.204.98.94
146.59.30.96
157.240.195.15
157.240.195.174
157.240.195.35
167.235.124.60
172.175.38.6
172.67.159.162
172.67.25.100
18.244.18.114
18.245.31.92
18.66.102.66
18.66.112.32
18.66.147.17
2001:4860:4802:34::36
216.58.212.162
23.56.202.187
2606:4700:10::ac43:2925
2606:4700:20::681a:346
2620:1ec:29:1::45
2a00:1450:4001:801::200e
2a00:1450:4001:803::200a
2a00:1450:4001:803::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:829::2001
2a02:26f0:7100:983::268b
2a02:26f0:7100:99b::268b
2a04:4e42:200::485
2a04:4e42:600::649
91.134.35.216
03d2faa0b923283fe8e53912ec748c6cc5065212818f853d750e3cca444e4598
04167e6955ffc2f5c1fbec8dd63ed955bc67acc668aff6a00a3d4ce2b21527ba
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
063beb8872b0692b34e801904dddba8514058f109688de385c808f5f8801b4af
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a23e36cee22dec7137fad7f4c5b7ac96156aafd37c6637cf5f581e2f137d8ac
0ae009789bfc381ef27212d5a941a751cd9cf2102cf7c995f3b438ba0f4da59a
1064ba249c90277cb2f45d08b72ff30cf803444c0e91adca6684feb2a526dcbb
1272afdedfb1d84356150830e73ba22fb01023a194cf3865fe28660145b1eef2
13624806caa1a55a8b4e5fbc41ea2e8f91b5b482fbe5f7d67cdda27cb924a588
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
1ca76ae6ba1a396562e1d084d80951886fa393cc2d99606ae67663fa9c83f47d
1daeb8f2b20e643498e588a0f3bc753699fe28c787205ece9b0fc5cd5a7b06be
1ec2d1b7bb60024a697211659b66c8cb45e26d0248e87d4bad59a46c4259b672
20aa25c9846e4985ac6904971cff612e421bf767246f59b5e61a2584e34a2ebb
228981171ed46be39b9aa684bd736951a664b1f1dbb5413968891b02424578c8
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
27574aef2ff51e787bb3aa8d3ac023ba871e6fbbeedc9d09a69978472a24b5cc
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
2f0defeed019bc817d623a7bcbcf2b879d01cf80bc17ef0164acd215fdfb152b
300c7f80773f60197741223a1b53e7fc80f0f98e865fd616de07315866da4501
313ae4abc5b9cc464a27d1b8cea9a03bf0ac97e533d881e2ee1bf834c0ed3ed3
31d84b4c36292437aad7650cddf4392129f2b7809ecd347da7a689c42bce73ef
33a4da3f742e6a822d951e884be0d861579fdb2c78ba3172324ec2380a675da5
341dc52152f80b9259fecbda694c37815128edff3986f892dd94c8d45ff792bb
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
43a0f37e644ff99c3368dc4365d11dd5fe89162e5a228050093a2c21efc9c12d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459145908fcd4374a85bed15907b1f471c25107c604eca7f946ce5d3c7aa8aef
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79
4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4b2b497079ccd9b8d47a1507f7dee10fff2554359c1f34ff599c5e9e89e51228
4cd902aecc753dbf6717d61ad5ef104c181f04897d789de1ce5213936bacce3e
51d0115090b2cfd0cb581cbf62ee79bb94fdcb3f9c2432d39d3adacd8888ccef
5ad49c15f3f437bc90c3ac9876571075f8c484bc39e07fd23e07c3907f264721
5adfc89340b4e5826086ae4d91742964255337ca15ba4ade8e30282f247d5d3b
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c2e82e2ef0b113f6f4ca9bc47aa44b15466e3d8e283b35ece8b72add15c6e75
5c316d9a6bd8e0d4e27dde1074d7bac5b3b5fdee958b7d8ab3f401487b04c99a
5eb00f8aabf348b3fc959e6096074de5aab38d9029c184619db51aaae402344e
5ecd4e5975adfc0a7eb58e493793d8d7a5fedd4fa352cffbeb4e4f3ce19db4f3
5f7bd99eef2a8fb453c346246d9e9d55ce46ba8e3ab8e30a8ad22fb88dfec2ff
5fc309ad769fc55d6a47ef712091b8f615ddef24ee5613adbf1031777541853a
61c710fad6e2634b0e7a009a37ceb85fda78a1957b826f2c85ca40295cda790c
61cf8fd78905adc0cafc518cd3d1aecb6d66495252f980e309ae72c18d1140c1
6472fbe6ca927ad7536cc61f50dc389a28d529b4bfc456317cbac57d1e50c7de
651372f0c8f21d1f49948dc40a72225ed60a3ae9b6d3596f77ab891fe3beae5b
6563f08627fa2cd60c0c300318405b6f545f0d7f469df6ba87c9e31ecc987217
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
68548b453a6799bd3dbe23d6025305801713b490b839dbf6fe03736cc712b514
6878c74063bb7ce15296301c6f14d20c0bb603de0a631534258010af3940b5c2
68fef3914c94748f3804dbf707788b1a86af680fae467f17fb2e1a6af1fa4f3f
6fb7042d6564a381484b51a6f5f4cbf7cb53eeb5bfa11d54969aae7620d7d196
72289cb78aca9eb0e5a616d4f598ab0e153e2fa3d56570ed8eaab74114a7b247
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7aed69c13a30c6be26da38a151658f4387e8c69bc5c4e9686fe971a9625e718a
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7d4e9530a90fdf9dce93f2c20c630b8d4c4adc64a1ca074a28a954d1fefbdc1c
8001e254ead6ecd735e0e6fb4fa2a48118d681350da71f9db0d5baea5026f99b
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
841fd12b3363ebb949a9a90303453646539d09f79b5c9dfb4bbf31beddf2cc13
85a3132de89d7bcd7608f8c9d9ac704a315df9291bd3e20ffb97152696fbe61c
88a09173b3f04c5142e89732c9776a59630baa18926152f95c340a260aa3e57e
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8cfad6480f7d66c2b1fe85ddbb488dc30108496896768f5a0cdcdfc383311289
8eab643670dc504450c8d5507277bb899bb8d7ebf22a848ec2ddb1e4c0472d50
8fa8e1613b6810570b281268eea3ac8fe5a6e57e2285d55dfd38f8b7e3c2d7c2
90b73a92db101b10e83e1ec0c21ed79e11af82bffc175f1de147b36bcce5f5e4
93e2a078bf3308dda8564df13cb2b8768829b11a4a91927fa2bdbe905fc2e413
961c659da746f6df2603eb0133084a97e3a77a5d0d1482750ada5ef637c53402
9a699a0e7849712ae935d2914de30da74cbe022998c1d48d6a23c7d0e2470344
9d476ce7d441875c1ae5a3ea08ab0a65652e3c386c2918add8ffe867461213bd
9e26ab5064dab4ccd659362ecb893cd010d78264a4ae5b540766820d1026815d
9ed1cb846d756c6ce0bce92440fa151f72fe10d34cb5e94fe0e6a0147c0fc376
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a5e238baae99884db2bb1abeb544ec06376fd29dfe7e1db76f38fb7207db105f
a657640544a74a0780c0c094e247422dc2aa73eb842cdd8cc0d0857dabc82c89
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acf5b6b30dbd3d0f6a04092c6e98f0b7d7daeeebb1d7ea4c31454983aec3fc8f
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b4cc20092b979180f2e7f1a6d0642547326eedef9b0d580506a87eac0a1c5efd
b613bcd02291615f5024a7e01ddd315707569603e4de431d9580e68c29b6b593
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b8d81eb32a4c4315aacaaf386754b38eb6ca05f7cb27b2510fdde42565c08d25
ba1d81ca58ea614bea9da2a6ba55b756bf6666c0b72da113d341967f46a3e70a
ba6dcfd133bc7de55cd202037f189e802472479e329029e12fcb28b6ece07643
bc8e2e754ccb57512f0c3d3bf9b6f48eb26d305f04dea10a051242f950efa196
bee567705518a7978bd447131dc7a1428358e28f29cea1ca87ef9e624780ed94
bf0c89a6d466325e7481eca13bbecf43daa80644400723d47e43457bc14985f2
c41708efa4897d3f9f92af5fae9d8271d5e72b752de27b2f220356b02a00acce
c707615f134e20f42be436b71bc3b1de6aee7ed796e06826e50b76070f0b31a9
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
c89438047e90dc12d2daf3ae03e7a3c532e9cd623c9ff50754032e04d0dd3878
c9eee3be9753ea5f5529998ae21f44fd0f8eceb39a42d1aa8f069386c0d33cf5
cf1ae983fbe74fd1b7097edabd23ab5c0c90eb8481916216d5f6d9a571cb74c0
d146dcdf5bc7e271100b9493d2047d0a06cbfc11566f3a93f2240ae888ce19fe
d1b1e19e953d83d3f25486ca0ce949ce23dd291c8155e4e232638dcdd137e2e6
d659d273de75424683c1696dfda926c280bf3ad2e6568fb6e6a3353f6f224775
d7438c7bbbb7f4602ae9243bc9b24de30e515354707b2cfe625f003d9e4f3b8e
d7fbe54913482ba626fb88901d266750ebebfcb30dbf8fed92165af2527af3fb
dac40935c6c2eae15288f77ac1b1e9c2927598f0dd45bf65426dbbac45f4dfdb
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ded029b6e6b6636d6b26bdbdc2c6d6598674bf96a3df2b1fa3d0b4908ca24eb2
e117aea294873c889a6118be17dedae219b12e46a4a039c420fbb032aa0acde5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43db0a6d224f2c45ccc42e3a038bf4d560bd18810caeaf00a05289adbd999bf
e53a3d85b721ce37aabd7e78683b111b993319df2f7ba394616a834ae751ef2c
e9507d30d1cf0af2969ef782d8ae1bcd30e2661d9dc1d34902f910d7bf4f69ca
ebf434bbc38f0cd15704a4f332c7711bec1428bec45d7381dc27ab0345db1860
ec4dd4c24f0ad96c8a8b32b31fc0753a785a89c266f6f641ba91c82ee7319cb0
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
f39ee9135a2f3b7589198d1ac499c9977a3550afc819083f078bd212d762d021
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f7373315d78ea2ec559283f354dbedd888cebc23121c38a5cca7126c7faf5ba6
f7d45cf034c2b02f09acd98b7a6848b79bcfcf827933d08d19149dfd4e4f6f85
f9e9e500bbfcaa8fde17c520e237f9c82862966f800d3ae7475cf3b39481d6a4
ff7c2f9419ec10b3aaa3c444ee1efbb62f13dff56da23a4e5b583a00a13ebf8f