urlscan.io logo urlscan.io
SecurityTrails logo

telegrafi.com
172.67.135.19  Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symp... 13yr old
Submission: On August 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 90 IPs in 13 countries across 87 domains to perform 352 HTTP transactions. The main IP is 172.67.135.19, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is telegrafi.com. The Cisco Umbrella rank of the primary domain is 344494. 13yr old
TLS certificate: Issued by WE1 on July 18th 2025. Valid for: 3mo.
This is the only time telegrafi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
45 172.67.135.19 13335 (CLOUDFLAR...)
1 104.18.54.45 13335 (CLOUDFLAR...)
3 46.8.152.14 213119 (ALZ-SOFTW...)
1 151.101.193.229 54113 (FASTLY)
1 18.66.112.59 16509 (AMAZON-02)
3 142.250.186.34 15169 (GOOGLE)
1 99.84.152.26 16509 (AMAZON-02)
5 142.250.186.136 15169 (GOOGLE)
4 142.250.185.234 15169 (GOOGLE)
1 116.202.11.241 24940 (HETZNER-A...)
1 104.17.24.14 13335 (CLOUDFLAR...)
5 21 116.202.167.155 24940 (HETZNER-A...)
2 108.138.3.93 16509 (AMAZON-02)
1 142.250.186.65 15169 (GOOGLE)
21 92.223.124.62 199524 (GCORE G-C...)
4 104.16.128.65 13335 (CLOUDFLAR...)
3 2.23.9.182 16625 (AKAMAI-AS)
5 199.101.135.227 40824 (WZ-US-40824)
4 199.232.196.134 54113 (FASTLY)
1 104.26.12.42 13335 (CLOUDFLAR...)
2 95.211.66.35 60781 (LEASEWEB-...)
4 178.250.1.11 44788 (ASN-CRITE...)
3 142.250.181.238 15169 (GOOGLE)
2 13.107.253.44 8075 (MICROSOFT...)
2 172.64.144.166 13335 (CLOUDFLAR...)
5 157.240.0.6 32934 (FACEBOOK)
8 216.58.212.163 15169 (GOOGLE)
1 88.99.85.119 24940 (HETZNER-A...)
1 188.40.115.112 24940 (HETZNER-A...)
4 99.86.4.42 16509 (AMAZON-02)
3 142.250.185.174 15169 (GOOGLE)
1 104.18.69.40 13335 (CLOUDFLAR...)
1 2 104.18.1.22 13335 (CLOUDFLAR...)
13 116.202.167.156 24940 (HETZNER-A...)
1 172.67.192.173 13335 (CLOUDFLAR...)
6 157.240.251.35 32934 (FACEBOOK)
3 151.101.0.134 54113 (FASTLY)
2 116.202.167.133 24940 (HETZNER-A...)
3 216.239.34.36 15169 (GOOGLE)
4 172.175.234.12 8075 (MICROSOFT...)
1 6 193.3.178.3 399668 (E-PLANNING-)
2 37.230.131.21 200197 (HYBRID-Po...)
1 1 204.62.12.209 46636 (NATCOWEB)
8 14 142.250.186.98 15169 (GOOGLE)
3 37.157.5.84 198622 (ADFORM Ad...)
2 8.2.110.97 46636 (NATCOWEB)
1 1 80.77.87.162 46636 (NATCOWEB)
7 193.200.65.6 6681 (giveme-cl...)
3 4 18.202.121.175 16509 (AMAZON-02)
1 8.2.110.161 46636 (NATCOWEB)
1 34.95.81.88 396982 (GOOGLE-CL...)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 34.241.66.95 16509 (AMAZON-02)
1 8.2.110.206 46636 (NATCOWEB)
1 1 80.77.82.130 46636 (NATCOWEB)
1 1 35.214.192.129 15169 (GOOGLE)
1 82.145.213.8 39832 (NO-OPERA ...)
1 2 104.18.27.193 13335 (CLOUDFLAR...)
1 2 185.184.8.90 204995 (RTB-HOUSE...)
3 3 146.59.69.183 16276 (OVH OVH SAS)
3 23.75.65.182 16625 (AKAMAI-AS)
1 151.101.2.132 54113 (FASTLY)
1 167.235.184.171 24940 (HETZNER-A...)
1 37.187.82.222 16276 (OVH OVH SAS)
1 188.93.89.87 57814 (Cloud9 Cl...)
2 193.3.178.2 399668 (E-PLANNING-)
2 89.207.16.140 41041 (VCLK-EU-S...)
2 18.153.64.118 16509 (AMAZON-02)
2 2 136.243.254.123 24940 (HETZNER-A...)
2 31.28.167.114 15497 (Colocall ...)
2 116.202.167.157 24940 (HETZNER-A...)
2 2 104.102.33.206 16625 (AKAMAI-AS)
4 2.23.9.130 16625 (AKAMAI-AS)
2 184.28.88.244 16625 (AKAMAI-AS)
2 51.89.9.254 16276 (OVH OVH SAS)
11 3.171.214.105 16509 (AMAZON-02)
2 65.9.66.122 16509 (AMAZON-02)
16 104.18.20.114 13335 (CLOUDFLAR...)
2 34.1.227.231 15169 (GOOGLE)
2 11 172.67.72.108 13335 (CLOUDFLAR...)
2 184.86.251.220 20940 (AKAMAI-AS...)
3 198.47.127.19 62713 (AS-PUBMATIC)
1 1 37.157.5.141 198622 (ADFORM Ad...)
7 7 104.26.15.135 13335 (CLOUDFLAR...)
2 103.231.98.106 62713 (AS-PUBMATIC)
2 2 163.5.194.37 60558 (SECUREDSE...)
2 37.157.2.229 198622 (ADFORM Ad...)
2 151.101.65.44 54113 (FASTLY)
2 3.144.50.154 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 185.15.245.83 24961 (MYLOC-AS ...)
2 18.159.85.19 16509 (AMAZON-02)
2 4 151.101.130.49 54113 (FASTLY)
2 4 52.94.222.140 16509 (AMAZON-02)
2 2 52.18.69.40 16509 (AMAZON-02)
4 69.173.144.165 26667 (RUBICONPR...)
2 35.214.136.108 15169 (GOOGLE)
2 2 57.129.18.111 16276 (OVH OVH SAS)
2 2 3.209.134.128 14618 (AMAZON-AES)
2 35.71.131.137 16509 (AMAZON-02)
6 142.250.185.67 15169 (GOOGLE)
1 199.232.192.134 54113 (FASTLY)
1 172.217.16.130 15169 (GOOGLE)
1 18.66.92.94 16509 (AMAZON-02)
352 90
45    172.67.135.19 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
telegrafi.com 13yr old
1    104.18.54.45 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
pub-e182faea6e2146519474f280e42e51ff.r2.dev 3yr old
3    46.8.152.14 (London, United Kingdom)

ASN213119 (ALZ-SOFTWARE-AS ALZ Software Ltd, GB)
clickiocmp.com 3yr old
cdn.clickiocdn.com 6yr old
1    151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net 13yr old
1    18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net
cdn-a.yieldlove.com 9yr old
3    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net 10yr old
1    99.84.152.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-152-26.fra56.r.cloudfront.net
geotags.refinery89.com 3yr old
5    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com 13yr old
4    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com 9yr old
ajax.googleapis.com 10yr old
1    116.202.11.241 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.241.11.202.116.clients.your-server.de
cdn.onthe.io 10yr old
1    104.17.24.14 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com 13yr old
21    116.202.167.155 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.155.167.202.116.clients.your-server.de
inv-nets.admixer.net 9yr old
2    108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net
c.amazon-adsystem.com 12yr old
1    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
cdn.ampproject.org 10yr old
21    92.223.124.62 (Frankfurt am Main, Germany)

ASN199524 (GCORE G-Core Labs S.A., LU)
cdn.admixer.net 11yr old
scripts.futureads.io 4yr old
4    104.16.128.65 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com 11yr old
sbp.izooto.com 5yr old
3    2.23.9.182 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-9-182.deploy.static.akamaitechnologies.com
a.teads.tv 10yr old
5    199.101.135.227 (United States)

ASN40824 (WZ-US-40824, US)
PTR: ap7.adplayer.pro
serving.stat-rock.com 7yr old
4    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
telegraficom.disqus.com 3yr old
referrer.disqus.com 10yr old
1    104.26.12.42 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
tdns0.gtranslate.net 6yr old
2    95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: hosted-by.leaseweb.com
up.clickiocdn.com 3yr old
4    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
gum.criteo.com 10yr old
3    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com 13yr old
2    13.107.253.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms 8yr old
scripts.clarity.ms 10mo old
2    172.64.144.166 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net 4yr old
5    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net 13yr old
8    216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net
fonts.gstatic.com 10yr old
1    88.99.85.119 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.119.85.99.88.clients.your-server.de
s.clickiocdn.com 9yr old
1    188.40.115.112 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.112.115.40.188.clients.your-server.de
tt.onthe.io 10yr old
4    99.86.4.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-42.fra6.r.cloudfront.net
tags.refinery89.com 7yr old
3    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
fundingchoicesmessages.google.com 7yr old
1    104.18.69.40 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
embeds.beehiiv.com 5yr old
2    104.18.1.22 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
unpkg.com 10yr old
13    116.202.167.156 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.156.167.202.116.clients.your-server.de
ads.futureads.io 5yr old
1    172.67.192.173 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
telegra.fi 12yr old
6    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com 11yr old
3    151.101.0.134 (San Francisco, United States)

ASN54113 (FASTLY, US)
disqus.com 13yr old
2    116.202.167.133 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.133.167.202.116.clients.your-server.de
inv-nets-eu.admixer.net 9yr old
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com 5yr old
4    172.175.234.12 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms 5yr old
6    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net 13yr old
u-ams03.e-planning.net 4yr old
2    37.230.131.21 (Amsterdam, Netherlands)

ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL)
dm-eu.hybrid.ai 5yr old
1    204.62.12.209 (Clifton, United States)

ASN46636 (NATCOWEB, US)
sync-service.net 4yr old
14    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net 10yr old
3    37.157.5.84 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net 10yr old
2    8.2.110.97 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com 6yr old
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com 9yr old
7    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL)
PTR: adforce.team
m.trafmag.com 6yr old
4    18.202.121.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-121-175.eu-west-1.compute.amazonaws.com
dpm.demdex.net 9yr old
1    8.2.110.161 (United States)

ASN46636 (NATCOWEB, US)
cm-x.mgid.com 3yr old
1    34.95.81.88 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.81.95.34.bc.googleusercontent.com
s-cs.rmp.rakuten.com 6yr old
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com 12yr old
1    34.241.66.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-66-95.eu-west-1.compute.amazonaws.com
ap.lijit.com 10yr old
1    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com 5yr old
1    80.77.82.130 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com 6yr old
1    35.214.192.129 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 129.192.214.35.bc.googleusercontent.com
csync.loopme.me 9yr old
1    82.145.213.8 (Amsterdam, Netherlands)

ASN39832 (NO-OPERA Opera Norway AS, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com 5yr old
2    104.18.27.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com 12yr old
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com 13yr old
3    146.59.69.183 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ngx-pl-01.greencuttlefish.com
server.smartytech.io 3yr old
3    23.75.65.182 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-65-182.deploy.static.akamaitechnologies.com
t.teads.tv 10yr old
1    151.101.2.132 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync.teads.tv 10yr old
1    167.235.184.171 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.171.184.235.167.clients.your-server.de
adsv.net 9yr old
1    37.187.82.222 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3254119.ip-37-187-82.eu
pixel.onaudience.com 9yr old
1    188.93.89.87 (Tbilisi, Georgia)

ASN57814 (Cloud9 Cloud 9 Ltd., GE)
www.top.ge 9yr old
2    193.3.178.2 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net 6yr old
2    89.207.16.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE Conversant LLC, US)
PTR: ams03-nessy-float2.dotomi.com
prebid-match.dotomi.com 8yr old
2    18.153.64.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-64-118.eu-central-1.compute.amazonaws.com
match.sharethrough.com 9yr old
2    136.243.254.123 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.123.254.243.136.clients.your-server.de
eu-rtbstack-cm.admixer.net 1yr old
2    31.28.167.114 (Kyiv, Ukraine)

ASN15497 (Colocall 1 Cloud Lab s.r.o., SK)
PTR: 167-114.admixercdn-s2.cc.colocall.com
content.admixer.net 8yr old
2    116.202.167.157 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.157.167.202.116.clients.your-server.de
sbidder-new-inv-eu.admixer.net 1yr old
2    104.102.33.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-33-206.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com 10yr old
4    2.23.9.130 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-9-130.deploy.static.akamaitechnologies.com
eus.rubiconproject.com 8yr old
2    184.28.88.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-88-244.deploy.static.akamaitechnologies.com
ads.pubmatic.com 10yr old
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com 11yr old
11    3.171.214.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-214-105.fra50.r.cloudfront.net
c.disquscdn.com 9yr old
2    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net 13yr old
16    104.18.20.114 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com 9yr old
mwzeom.zeotap.com 9yr old
2    34.1.227.231 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 231.227.1.34.bc.googleusercontent.com
u-ams.4dex.io 2yr old
11    172.67.72.108 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
dsp-service.admatic.de 2yr old
static.cdn.admatic.de 2yr old
2    184.86.251.220 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-86-251-220.deploy.static.akamaitechnologies.com
hb.trustedstack.com 3yr old
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com 10yr old
1    37.157.5.141 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net 10yr old
7    104.26.15.135 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
prebid.admatic.de 2yr old
2    103.231.98.106 (Japan)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com 8yr old
2    163.5.194.37 (France)

ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US)
prebid.a-mo.net 6yr old
2    37.157.2.229 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net 12yr old
2    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
trc.taboola.com 10yr old
2    3.144.50.154 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-144-50-154.us-east-2.compute.amazonaws.com
dmp.v.fwmrm.net 7yr old
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com 10yr old
2    185.15.245.83 (Germany)

ASN24961 (MYLOC-AS WIIT AG, DE)
dmp.theadex.com 10yr old
2    18.159.85.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-85-19.eu-central-1.compute.amazonaws.com
aa.agkn.com 10yr old
4    151.101.130.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net 9yr old
4    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com 13yr old
2    52.18.69.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-69-40.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 5yr old
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com 10yr old
token.rubiconproject.com 10yr old
2    35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com
x.bidswitch.net 13yr old
2    57.129.18.111 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy-eu-013.roqad.pl
ws.rqtrk.eu 6yr old
2    3.209.134.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-134-128.compute-1.amazonaws.com
sync.srv.stackadapt.com 10yr old
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org 10yr old
6    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com 10yr old
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
referrer.disqus.com 10yr old
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
pagead2.googlesyndication.com 10yr old
1    18.66.92.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-94.fra56.r.cloudfront.net
d1hyarjnwqrenh.cloudfront.net 3yr old
Apex Domain
Subdomains		 Transfer
48 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2906 9yr old
cdn.admixer.net — Cisco Umbrella Rank: 88031 11yr old
inv-nets-eu.admixer.net — Cisco Umbrella Rank: 392610 9yr old
eu-rtbstack-cm.admixer.net — Cisco Umbrella Rank: 6211 1yr old
content.admixer.net — Cisco Umbrella Rank: 211476 8yr old
sbidder-new-inv-eu.admixer.net — Cisco Umbrella Rank: 334240 1yr old
353 KB
45 telegrafi.com
telegrafi.com — Cisco Umbrella Rank: 344494 13yr old
1 MB
18 admatic.de
dsp-service.admatic.de — Cisco Umbrella Rank: 1943 2yr old
prebid.admatic.de — Cisco Umbrella Rank: 2950 2yr old
static.cdn.admatic.de — Cisco Umbrella Rank: 2512 2yr old
15 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 271 10yr old
cm.g.doubleclick.net — Cisco Umbrella Rank: 317 10yr old
242 KB
16 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2839 9yr old
mwzeom.zeotap.com — Cisco Umbrella Rank: 3234 9yr old
7 KB
15 futureads.io
scripts.futureads.io — Cisco Umbrella Rank: 535798 4yr old
ads.futureads.io — Cisco Umbrella Rank: 901756 5yr old
66 KB
14 gstatic.com
fonts.gstatic.com 10yr old
299 KB
11 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 8585 9yr old
540 KB
10 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1126 10yr old
eus.rubiconproject.com — Cisco Umbrella Rank: 727 8yr old
pixel.rubiconproject.com — Cisco Umbrella Rank: 439 10yr old
token.rubiconproject.com — Cisco Umbrella Rank: 569 10yr old
13 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2779 13yr old
s.e-planning.net — Cisco Umbrella Rank: 10945 6yr old
u-ams03.e-planning.net Failed — Cisco Umbrella Rank: 49166 4yr old
4 KB
8 disqus.com
telegraficom.disqus.com 3yr old
disqus.com — Cisco Umbrella Rank: 1183 13yr old
referrer.disqus.com — Cisco Umbrella Rank: 13506 10yr old
61 KB
7 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 652 10yr old
image6.pubmatic.com — Cisco Umbrella Rank: 815 10yr old
image8.pubmatic.com — Cisco Umbrella Rank: 719 8yr old
7 KB
7 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 129554 6yr old
2 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1840 10yr old
t.teads.tv — Cisco Umbrella Rank: 3337 10yr old
sync.teads.tv — Cisco Umbrella Rank: 1281 10yr old
109 KB
6 adform.net
cm.adform.net — Cisco Umbrella Rank: 1252 10yr old
c1.adform.net — Cisco Umbrella Rank: 761 12yr old
3 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 121 11yr old
425 B
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 496 8yr old
scripts.clarity.ms — Cisco Umbrella Rank: 755 10mo old
n.clarity.ms — Cisco Umbrella Rank: 4997 5yr old
34 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 66 13yr old
region1.google-analytics.com — Cisco Umbrella Rank: 3398 5yr old
112 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 387 12yr old
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1209 13yr old
89 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 215 13yr old
178 KB
5 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 94785 7yr old
112 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52 13yr old
641 KB
5 refinery89.com
geotags.refinery89.com — Cisco Umbrella Rank: 192126 3yr old
tags.refinery89.com — Cisco Umbrella Rank: 47475 7yr old
217 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 883 9yr old
1 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 288 9yr old
3 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 523 10yr old
743 B
4 clickiocdn.com
up.clickiocdn.com — Cisco Umbrella Rank: 44426 3yr old
cdn.clickiocdn.com — Cisco Umbrella Rank: 246568 6yr old
s.clickiocdn.com — Cisco Umbrella Rank: 50204 9yr old
138 KB
4 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 21931 11yr old
sbp.izooto.com — Cisco Umbrella Rank: 391994 5yr old
98 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 9yr old
ajax.googleapis.com — Cisco Umbrella Rank: 469 10yr old
36 KB
3 smartytech.io
server.smartytech.io — Cisco Umbrella Rank: 4956 3yr old
1 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 801 7yr old
225 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 414 10yr old
297 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 726 10yr old
3 KB
2 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 8942 6yr old
744 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 431 13yr old
275 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 7304 5yr old
536 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 606 10yr old
613 B
2 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 45135 10yr old
146 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 9343 10yr old
1 KB
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 23523 7yr old
920 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 722 10yr old
253 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 871 6yr old
152 B
2 trustedstack.com
hb.trustedstack.com — Cisco Umbrella Rank: 1534 3yr old
480 B
2 4dex.io
u-ams.4dex.io — Cisco Umbrella Rank: 51746 2yr old
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1162 13yr old
bcp.crwdcntrl.net Failed 10yr old
20 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 822 11yr old
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 651 9yr old
115 B
2 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2211 8yr old
207 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 590 13yr old
876 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 618 12yr old
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1649 12yr old
1 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 2199 6yr old
258 B
2 hybrid.ai
dm-eu.hybrid.ai — Cisco Umbrella Rank: 13371 5yr old
561 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 757 10yr old
3 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1659 4yr old
172 KB
2 onthe.io
cdn.onthe.io — Cisco Umbrella Rank: 41638 10yr old
tt.onthe.io — Cisco Umbrella Rank: 37176 10yr old
22 KB
2 clickiocmp.com
clickiocmp.com — Cisco Umbrella Rank: 51946 3yr old
81 KB
1 cloudfront.net
d1hyarjnwqrenh.cloudfront.net 3yr old
411 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 10yr old
1 top.ge
www.top.ge — Cisco Umbrella Rank: 161407 9yr old
162 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2940 9yr old
99 B
1 adsv.net
adsv.net 9yr old
62 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1009 5yr old
671 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 868 9yr old
305 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 1872 6yr old
410 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 6523 5yr old
526 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 837 10yr old
193 B
1 rakuten.com
s-cs.rmp.rakuten.com — Cisco Umbrella Rank: 6554 6yr old
301 B
1 mgid.com
cm-x.mgid.com — Cisco Umbrella Rank: 7308 3yr old
517 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 889 9yr old
609 B
1 sync-service.net
sync-service.net — Cisco Umbrella Rank: 11254 4yr old
378 B
1 telegra.fi
telegra.fi — Cisco Umbrella Rank: 957005 12yr old
765 B
1 beehiiv.com
embeds.beehiiv.com — Cisco Umbrella Rank: 40628 5yr old
3 KB
1 gtranslate.net
tdns0.gtranslate.net — Cisco Umbrella Rank: 393790 6yr old
398 B
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 531 10yr old
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 233 13yr old
17 KB
1 yieldlove.com
cdn-a.yieldlove.com — Cisco Umbrella Rank: 46634 9yr old
126 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 312 13yr old
1 KB
1 r2.dev
pub-e182faea6e2146519474f280e42e51ff.r2.dev — Cisco Umbrella Rank: 998481 3yr old
3 KB
0 krxd.net Failed
beacon.krxd.net Failed 10yr old
usermatch.krxd.net Failed 10yr old
0 adnxs.com Failed
ib.adnxs.com Failed 10yr old
0 bluekai.com Failed
tags.bluekai.com Failed 10yr old
0 adpartner.pro Failed
a4p.adpartner.pro Failed 10yr old
0 adtarget.com.tr Failed
s.console.adtarget.com.tr Failed 6yr old
0 yahoo.com Failed
ups.analytics.yahoo.com Failed 7yr old
0 Failed
function sub() { [native code] }. Failed
0 heatmap.it Failed
u.heatmap.it Failed 13yr old
352 87
Domain Requested by
45 telegrafi.com telegrafi.com
21 inv-nets.admixer.net 5 redirects telegrafi.com
cdn.admixer.net
ads.us.e-planning.net
serving.stat-rock.com
19 cdn.admixer.net telegrafi.com
cdn.admixer.net
inv-nets.admixer.net
14 cm.g.doubleclick.net 8 redirects telegrafi.com
spl.zeotap.com
14 fonts.gstatic.com fonts.googleapis.com
13 ads.futureads.io www.googletagmanager.com
cdn.admixer.net
telegrafi.com
serving.stat-rock.com
12 mwzeom.zeotap.com spl.zeotap.com
11 c.disquscdn.com disqus.com
c.disquscdn.com
7 static.cdn.admatic.de dsp-service.admatic.de
7 prebid.admatic.de 7 redirects
7 m.trafmag.com telegrafi.com
6 www.facebook.com connect.facebook.net
telegrafi.com
5 connect.facebook.net telegrafi.com
connect.facebook.net
5 serving.stat-rock.com telegrafi.com
serving.stat-rock.com
5 www.googletagmanager.com telegrafi.com
www.googletagmanager.com
4 aax-eu.amazon-adsystem.com 2 redirects spl.zeotap.com
4 sync-tm.everesttech.net 2 redirects spl.zeotap.com
4 dsp-service.admatic.de 2 redirects ads.us.e-planning.net
4 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
4 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 dpm.demdex.net 3 redirects telegrafi.com
4 cm.adform.net 1 redirects telegrafi.com
4 n.clarity.ms scripts.clarity.ms
4 tags.refinery89.com geotags.refinery89.com
4 gum.criteo.com cdn-a.yieldlove.com
3 referrer.disqus.com telegrafi.com
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 u-ams03.e-planning.net ads.us.e-planning.net
dsp-service.admatic.de
3 t.teads.tv a.teads.tv
3 server.smartytech.io 3 redirects
3 ads.us.e-planning.net 1 redirects ads.futureads.io
telegrafi.com
inv-nets.admixer.net
3 region1.google-analytics.com www.googletagmanager.com
3 disqus.com telegraficom.disqus.com
c.disquscdn.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 www.google-analytics.com telegrafi.com
www.google-analytics.com
3 a.teads.tv telegrafi.com
a.teads.tv
3 cdn.izooto.com telegrafi.com
cdn.izooto.com
3 fonts.googleapis.com telegrafi.com
3 securepubads.g.doubleclick.net telegrafi.com
securepubads.g.doubleclick.net
2 token.rubiconproject.com eus.rubiconproject.com
2 match.adsrvr.org spl.zeotap.com
2 sync.srv.stackadapt.com 2 redirects
2 ws.rqtrk.eu 2 redirects
2 x.bidswitch.net spl.zeotap.com
2 pixel.rubiconproject.com spl.zeotap.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 aa.agkn.com spl.zeotap.com
2 dmp.theadex.com spl.zeotap.com
2 dsp.adfarm1.adition.com 2 redirects
2 dmp.v.fwmrm.net spl.zeotap.com
2 trc.taboola.com spl.zeotap.com
2 c1.adform.net spl.zeotap.com
2 prebid.a-mo.net 2 redirects
2 image8.pubmatic.com dsp-service.admatic.de
2 hb.trustedstack.com ads.us.e-planning.net
2 u-ams.4dex.io ads.us.e-planning.net
2 tags.crwdcntrl.net s.e-planning.net
2 onetag-sys.com ads.us.e-planning.net
2 ads.pubmatic.com ads.us.e-planning.net
2 secure-assets.rubiconproject.com 2 redirects
2 sbidder-new-inv-eu.admixer.net cdn.admixer.net
2 content.admixer.net cdn.admixer.net
2 eu-rtbstack-cm.admixer.net 2 redirects
2 match.sharethrough.com ads.us.e-planning.net
2 prebid-match.dotomi.com ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 creativecdn.com 1 redirects telegrafi.com
2 ssum-sec.casalemedia.com 1 redirects telegrafi.com
2 ads.betweendigital.com 2 redirects
2 us.ck-ie.com telegrafi.com
2 dm-eu.hybrid.ai telegrafi.com
2 inv-nets-eu.admixer.net cdn.admixer.net
2 unpkg.com 1 redirects telegrafi.com
2 cdn.confiant-integrations.net cdn-a.yieldlove.com
cdn.confiant-integrations.net
2 up.clickiocdn.com telegrafi.com
2 telegraficom.disqus.com telegrafi.com
2 scripts.futureads.io telegrafi.com
scripts.futureads.io
2 c.amazon-adsystem.com telegrafi.com
c.amazon-adsystem.com
2 clickiocmp.com telegrafi.com
clickiocmp.com
1 sbp.izooto.com cdn.izooto.com
1 d1hyarjnwqrenh.cloudfront.net geotags.refinery89.com
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 www.top.ge telegrafi.com
1 pixel.onaudience.com telegrafi.com
1 adsv.net telegrafi.com
1 sync.teads.tv a.teads.tv
1 t.adx.opera.com telegrafi.com
1 csync.loopme.me 1 redirects
1 cs.krushmedia.com 1 redirects
1 cs.mobfox.com telegrafi.com
1 ap.lijit.com telegrafi.com
1 s-cs.rmp.rakuten.com telegrafi.com
1 cm-x.mgid.com telegrafi.com
1 cs.admanmedia.com 1 redirects
1 sync-service.net 1 redirects
1 telegra.fi telegrafi.com
1 embeds.beehiiv.com www.googletagmanager.com
1 scripts.clarity.ms www.clarity.ms
1 tt.onthe.io cdn.onthe.io
1 s.clickiocdn.com clickiocmp.com
1 www.clarity.ms telegrafi.com
1 cdn.clickiocdn.com clickiocmp.com
1 tdns0.gtranslate.net telegrafi.com
1 ajax.googleapis.com telegrafi.com
1 cdn.ampproject.org telegrafi.com
1 cdnjs.cloudflare.com telegrafi.com
1 cdn.onthe.io telegrafi.com
1 geotags.refinery89.com telegrafi.com
1 cdn-a.yieldlove.com telegrafi.com
1 cdn.jsdelivr.net telegrafi.com
1 pub-e182faea6e2146519474f280e42e51ff.r2.dev telegrafi.com
0 usermatch.krxd.net Failed spl.zeotap.com
0 beacon.krxd.net Failed spl.zeotap.com
0 bcp.crwdcntrl.net Failed spl.zeotap.com
0 ib.adnxs.com Failed ads.us.e-planning.net
spl.zeotap.com
0 tags.bluekai.com Failed telegrafi.com
0 a4p.adpartner.pro Failed telegrafi.com
0 s.console.adtarget.com.tr Failed telegrafi.com
0 ups.analytics.yahoo.com Failed telegrafi.com
spl.zeotap.com
0 localhost Failed cdnjs.cloudflare.com
0 u.heatmap.it Failed telegrafi.com
352 121
Subject Issuer Validity Valid
telegrafi.com
WE1		 2025-07-18 -
2025-10-16		 3mo crt.sh
*.r2.dev
E6		 2025-07-21 -
2025-10-19		 3mo crt.sh
*.clickiocmp.com
E5		 2025-07-15 -
2025-10-13		 3mo crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2025 Q2		 2025-06-02 -
2026-07-04		 1yr crt.sh
cdn-a.yieldlove.com
Amazon RSA 2048 M03		 2024-10-10 -
2025-11-08		 1yr crt.sh
*.g.doubleclick.net
WE2		 2025-07-07 -
2025-09-29		 3mo crt.sh
refinery89.com
Amazon RSA 2048 M02		 2025-03-27 -
2026-04-24		 1yr crt.sh
*.google-analytics.com
WE2		 2025-07-07 -
2025-09-29		 3mo crt.sh
upload.video.google.com
WE2		 2025-07-07 -
2025-09-29		 3mo crt.sh
*.onthe.io
Sectigo ECC Domain Validation Secure Server CA		 2025-05-20 -
2026-06-08		 1yr crt.sh
cdnjs.cloudflare.com
WE1		 2025-07-20 -
2025-10-18		 3mo crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2024-12-06 -
2025-12-06		 1yr crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 1yr crt.sh
misc-sni.google.com
WE2		 2025-07-07 -
2025-09-29		 3mo crt.sh
*.futureads.io
Sectigo RSA Domain Validation Secure Server CA		 2024-09-04 -
2025-09-04		 1yr crt.sh
izooto.com
WE1		 2025-07-29 -
2025-10-27		 3mo crt.sh
teads.tv
R10		 2025-07-29 -
2025-10-27		 3mo crt.sh
serving.stat-rock.com
R11		 2025-08-10 -
2025-11-08		 3mo crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2025-03-28 -
2026-04-16		 1yr crt.sh
gtranslate.net
WE1		 2025-07-06 -
2025-10-04		 3mo crt.sh
*.clickiocdn.com
E5		 2025-06-25 -
2025-09-23		 3mo crt.sh
*.clickio.com
E6		 2025-06-25 -
2025-09-23		 3mo crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-06-25 -
2025-09-25		 3mo crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2025-07-22 -
2026-04-14		 9mo crt.sh
confiant-integrations.net
WE1		 2025-07-01 -
2025-09-29		 3mo crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2025-05-30 -
2025-08-28		 3mo crt.sh
*.gstatic.com
WE2		 2025-07-07 -
2025-09-29		 3mo crt.sh
s.clickiocdn.com
E5		 2025-07-16 -
2025-10-14		 3mo crt.sh
*.google.com
WE2		 2025-07-07 -
2025-09-29		 3mo crt.sh
scripts.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2025-07-29 -
2026-04-14		 9mo crt.sh
beehiiv.com
WE1		 2025-07-06 -
2025-10-04		 3mo crt.sh
telegra.fi
WE1		 2025-07-27 -
2025-10-25		 3mo crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2025-05-21 -
2025-11-17		 6mo crt.sh
ads.us.e-planning.net
R10		 2025-06-21 -
2025-09-19		 3mo crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2024-09-04 -
2025-10-05		 1yr crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-05-23 -
2026-06-18		 1yr crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2024-11-27 -
2025-12-29		 1yr crt.sh
x.mgid.com
Go Daddy Secure Certificate Authority - G2		 2025-07-01 -
2025-11-01		 4mo crt.sh
*.rmp.rakuten.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-01-06 -
2026-01-20		 1yr crt.sh
*.trafmag.com
Sectigo Public Server Authentication CA DV R36		 2025-06-09 -
2026-07-09		 1yr crt.sh
*.lijit.com
Amazon RSA 2048 M03		 2024-10-21 -
2025-11-20		 1yr crt.sh
cs.mobfox.com
R10		 2025-08-07 -
2025-11-05		 3mo crt.sh
*.adx.opera.com
Trust Provider B.V. TLS RSA CA G1		 2025-06-03 -
2026-07-03		 1yr crt.sh
*.teads.tv
Thawte TLS RSA CA G1		 2025-05-18 -
2026-05-17		 1yr crt.sh
adsv.net
Sectigo RSA Domain Validation Secure Server CA		 2024-08-28 -
2025-09-08		 1yr crt.sh
*.onaudience.com
Go Daddy Secure Certificate Authority - G2		 2025-05-05 -
2026-05-27		 1yr crt.sh
www.top.ge
R11		 2025-06-29 -
2025-09-27		 3mo crt.sh
*.e-planning.net
R11		 2025-06-21 -
2025-09-19		 3mo crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2024-08-20 -
2025-09-21		 1yr crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-07-17 -
2026-08-17		 1yr crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-06 -
2026-04-03		 1yr crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-27 -
2025-11-30		 1yr crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-21 -
2025-12-27		 1yr crt.sh
a.disquscdn.com
Amazon RSA 2048 M02		 2025-06-29 -
2026-07-27		 1yr crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M04		 2025-08-09 -
2026-09-07		 1yr crt.sh
zeotap.com
E5		 2025-06-24 -
2025-09-22		 3mo crt.sh
u-ams.4dex.io
WR3		 2025-07-27 -
2025-10-25		 3mo crt.sh
dsp-service.admatic.de
E5		 2025-07-07 -
2025-10-05		 3mo crt.sh
hb.trustedstack.com
R11		 2025-07-25 -
2025-10-23		 3mo crt.sh
static.cdn.admatic.de
E6		 2025-07-06 -
2025-10-04		 3mo crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-03 -
2025-09-24		 1yr crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-01 -
2025-12-31		 1yr crt.sh
*.v.fwmrm.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-12 -
2025-12-13		 1yr crt.sh
dmp.theadex.com
R11		 2025-08-13 -
2025-11-11		 3mo crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2024-09-13 -
2025-09-29		 1yr crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-06-09 -
2025-09-03		 3mo crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2025-03-19 -
2026-04-02		 1yr crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2025-05-05 -
2026-04-23		 1yr crt.sh

This page contains 41 frames:

Primary Page: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Frame ID: A9F5069838844F972107BD9396DA65C6
Requests: 216 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 8CDFD8B1E53180BA39CDD43FB327B21C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/92978/c.html?b=92978
Frame ID: B445F6AA1ED22083B6B65066969366BF
Requests: 1 HTTP requests in this frame

Frame: https://scripts.futureads.io/scripts3/92978/c.html?b=92978
Frame ID: 00223BD15F7C62B3E2B05C9867BD9516
Requests: 1 HTTP requests in this frame

Frame: blob://https://telegrafi.com/63727452-be23-4256-8c50-238871b98dd8
Frame ID: 2BDB15C3C3F98D6B7C940F5990734101
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default
Frame ID: 23DDED025165949C03A19DF56EE6F019
Requests: 22 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: D2DC0A880199904F614B4642853F232A
Requests: 8 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=221143&gdprIab=%7B%22type%22%3A%22AddEventListener%22%2C%22consent%22%3A%22CQWcqAAQWcqAAA_AFAENB4FgAAAAAAAAAAAAAAAAAAAA.YAAAAAAAAAAA%22%2C%22reason%22%3A121%2C%22status%22%3A12%2C%22apiVersion%22%3A2%2C%22cmpId%22%3A63%7D&fromFormat=true&env=js-web&auctid=76ef7c25-6378-43d4-90fe-255002d13dff&vid=00000000-0000-0000-0000-000000000001&1755711321404=
Frame ID: 982D2A5FF49DDEA22E5305A5BFC37428
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/92978/c.html?b=92978
Frame ID: 62316E2FEEC44F02421E1FD74066DE3B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/loader2.js
Frame ID: 9D35C84362DD612C354E45FF131F5AF1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/92978/c.html?b=92978
Frame ID: 29F7222836CA8E493C4BF5F7EA79BCBE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/92978/c.html?b=92978
Frame ID: DCACD9857F01DEADB7CC3279E7877E8D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/m/ad-viewable.js
Frame ID: 7EE0ED517F84228AA74A9F4260AB729C
Requests: 6 HTTP requests in this frame

Frame: https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Frame ID: CC3729B1EBE1197D27400A71690D2B83
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: F6904823D3F83FDA44E443A68E68580A
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 38E9600008AC440422DE9D1511461D8F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D49c2ecf1ff8ee8ac%26uid%3D
Frame ID: B5543D84E4D022C352AB4EDCF749EEC9
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 0C28AF580049C87EC3EB325200A46FC5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 50B16B82C611CED4CA166BEAF97F3B61
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D49c2ecf1ff8ee8ac%26uid%3D
Frame ID: 53A26CC71D8D4BFE9A434CFB5F6E3935
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 04B48C326E77CFAFB5BB1452AA3AFDB1
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 8EC2843B5970CE571D384BCB45FEB304
Requests: 25 HTTP requests in this frame

Frame: https://u-ams.4dex.io/ortb/usync.html?publisher_id=1417&r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3D7d0379c2259b3e0e%26fi%3D49c2ecf1ff8ee8ac
Frame ID: 98632523B65048B6C510E81D56FB18FE
Requests: 1 HTTP requests in this frame

Frame: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Frame ID: 4B5E036E7DEB041DC1C736AA2BE58356
Requests: 1 HTTP requests in this frame

Frame: https://hb.trustedstack.com/cksync.php?cs=61&type=pln&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&gpp=${GPP}&gpp_sid=${GPP_SID}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%3Cvsid%3E%26dc%3D6a5d39baa4d06b94%26fi%3D49c2ecf1ff8ee8ac
Frame ID: AAA380F37BE925F219C46F9982753FE2
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFGrKBOiu5gxrZgU
Frame ID: 024C34C083B1A81061450F2FDF24B69E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: E57EB5D2B8411346ED541A9C10249F43
Requests: 25 HTTP requests in this frame

Frame: https://u-ams.4dex.io/ortb/usync.html?publisher_id=1417&r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3D7d0379c2259b3e0e%26fi%3D49c2ecf1ff8ee8ac
Frame ID: 1BDA545789EBD3A361408D478460A284
Requests: 1 HTTP requests in this frame

Frame: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Frame ID: 7F50B0CBAF72076C310FDCC1C44C0E3C
Requests: 1 HTTP requests in this frame

Frame: https://hb.trustedstack.com/cksync.php?cs=61&type=pln&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&gpp=${GPP}&gpp_sid=${GPP_SID}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%3Cvsid%3E%26dc%3D6a5d39baa4d06b94%26fi%3D49c2ecf1ff8ee8ac
Frame ID: 14198EFCAE5CA55DA44F8C78FBACE186
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFGrKBOiu5gxrZgU
Frame ID: 290E86E9F4988F1C5DC534C23CB06EB9
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=2024904917186161632
Frame ID: A020B38FA09BF77AF1474294BC752EC3
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=33efa848-78cf-4f02-a9b4-e0dd91124d79
Frame ID: 270DFC313453A0DADE419FD8FEAE87DB
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID
Frame ID: EE45C9CC15157E954107F1364343D96C
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=7e03d3a7-980b-4eb4-8b2d-2490dbb9f066
Frame ID: F4DA706AD06E8B628391C71452CB0C4D
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Frame ID: 46B8AF24BDFF9F9F4170D1E4BB69831F
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=fcda1e6e-ba0e-4234-890a-e1143f79bf78
Frame ID: BC7FDFEE98F92DFD6D2D68A26B357199
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID
Frame ID: 478053B46CEED72C9ADABD947461E2AB
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf&dc=5f8d43ca0719402c&fi=49c2ecf1ff8ee8ac
Frame ID: 005D759526AC9F3AD978C913A5E2C37B
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf
Frame ID: 92D8D4A9FB0CCA9A3B2AE1D81FF6D4F0
Requests: 1 HTTP requests in this frame

Frame: https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Frame ID: C1C66AC35ACEF4E4B708326D1B2FCE89
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

James Van Der Beek speaks openly about his battle with colon cancer: It all started with a subtle symptom - Telegraph - Telegraph

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

352
Requests

85 %
HTTPS

0 %
IPv6

87
Domains

121
Subdomains

90
IPs

13
Countries

5559 kB
Transfer

16562 kB
Size

59
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@5.1.0/dist/web-vitals.iife.js
Request Chain 145
  • https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 148
  • https://sync-service.net/ssp?token=QW2e7t5kKis0&pl=community HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=7148526deb900116458d419392a4e236
Request Chain 153
  • https://cs.admanmedia.com/0a28772f54bab302b4cd3d4ab3d49473.gif?puid=0bb275cd9cc249af9ca879107e32817c&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D41783197-9E0A-46F4-B576-C7B369401968%26id%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=41783197-9E0A-46F4-B576-C7B369401968&id=4d97de37-578d-491d-95b9-7749ed970ef4 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Request Chain 155
  • https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=0bb275cd9cc249af9ca879107e32817c HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=0bb275cd9cc249af9ca879107e32817c
Request Chain 160
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1&rts=8301964199271106349 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=29997d2f-c4b7-52e8-bc29-19cbd48f1e92
Request Chain 166
  • https://cs.krushmedia.com/da8470a7dda716277c26e6b5a3905b8c.gif?puid=0bb275cd9cc249af9ca879107e32817c&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE2686680-B13A-4730-B79A-59A7FC223B45%26id%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=E2686680-B13A-4730-B79A-59A7FC223B45&id=14db766d-08ae-5533-b147-c6a69643cc03
Request Chain 167
  • https://csync.loopme.me/?pubid=11488&gdpr=&gdpr_consent=[gdpr_consent_109]&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DC4729463-E4FF-4B3E-AAA2-487038DEBF16%26id%3D{viewer_token} HTTP 307
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C4729463-E4FF-4B3E-AAA2-487038DEBF16&id=681f584d-be26-486f-ab37-c1a56b5894b6&gdpr_consent=[gdpr_consent_109]&gdpr=null
Request Chain 170
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Request Chain 171
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 173
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D17669FAA-B4BA-4D29-A46F-9415F4FCBD4F%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=237d3c6a-756c-4579-afe0-06d4e0dc2878
Request Chain 199
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26fi%3D49c2ecf1ff8ee8ac HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=49c2ecf1ff8ee8ac
Request Chain 201
  • https://eu-rtbstack-cm.admixer.net/cm?client=c4527281-5aa5-4c8e-bc53-a80bb3f99470&ssp=89&partnerUserID=[USER_ID]&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%24visitor_cookie%24%24%26dc%3D9dbc022dd765f529%26fi%3D49c2ecf1ff8ee8ac HTTP 302
  • https://u-ams03.e-planning.net/um?uid=0bb275cd9cc249af9ca879107e32817c&dc=9dbc022dd765f529&fi=49c2ecf1ff8ee8ac
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm&gdpr=0&gdpr_consent=&rnd=638913081215091720 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm=&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?gdpr=0&gdpr_consent=&rnd=638913081215091720&google_gid=CAESEAjy6GoRrRwyCwo4g0TxR7Q&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm&gdpr=0&gdpr_consent=&rnd=638913081215091720 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm=&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_gid=CAESEENi0ksP9ukSkSOny1xkEa8&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm&gdpr=0&gdpr_consent=&rnd=638913081215091720 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm=&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?gdpr=0&gdpr_consent=&rnd=638913081215091720&google_gid=CAESEGFt9Dcp8_esEA2PhgqKhNw&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm&gdpr=0&gdpr_consent=&rnd=638913081215091720 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm=&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_gid=CAESEBIN_mk_LjSDy01VIJqqVhE&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Request Chain 217
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 223
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26fi%3D49c2ecf1ff8ee8ac HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=49c2ecf1ff8ee8ac
Request Chain 225
  • https://eu-rtbstack-cm.admixer.net/cm?client=c4527281-5aa5-4c8e-bc53-a80bb3f99470&ssp=89&partnerUserID=[USER_ID]&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%24visitor_cookie%24%24%26dc%3D9dbc022dd765f529%26fi%3D49c2ecf1ff8ee8ac HTTP 302
  • https://u-ams03.e-planning.net/um?uid=0bb275cd9cc249af9ca879107e32817c&dc=9dbc022dd765f529&fi=49c2ecf1ff8ee8ac
Request Chain 226
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 245
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid.admatic.de/setuid?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=2024904917186161632 HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=2024904917186161632
Request Chain 246
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buser_id%7D HTTP 302
  • https://prebid.admatic.de/setuid?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=33efa848-78cf-4f02-a9b4-e0dd91124d79 HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=33efa848-78cf-4f02-a9b4-e0dd91124d79
Request Chain 248
  • https://dsp-service.admatic.de/users/sync/?redir=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dadmaticde%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D7e03d3a7-980b-4eb4-8b2d-2490dbb9f066 HTTP 302
  • https://prebid.admatic.de/setuid?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=7e03d3a7-980b-4eb4-8b2d-2490dbb9f066 HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=7e03d3a7-980b-4eb4-8b2d-2490dbb9f066
Request Chain 249
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.admatic.de/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid= HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Request Chain 257
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b66ffb8c-6a6d-464b-504c-3406da3ca06d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=79559606197598490432118735808129429938&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Request Chain 258
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7540722704963926378&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Request Chain 264
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361&_test=aKYHWQAAfvhEtABG
Request Chain 266
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b66ffb8c-6a6d-464b-504c-3406da3ca06d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b66ffb8c-6a6d-464b-504c-3406da3ca06d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361&dcc=t
Request Chain 267
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Request Chain 271
  • https://ws.rqtrk.eu/pull?pid=29b47cf6-51f1-45dc-8095-193fb9abe4da&tr=1&g=1&return-unstable=1&redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1590%26cid%3D%24BROWSER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1590&cid=da1dc9f6-28f3-4514-9fd9-c0c972c8703c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Request Chain 272
  • https://sync.srv.stackadapt.com/sync?nid=zeotap&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=GeWFvz17UPpRhAGxAFs2EsEdahM&env=mWeb&zpartnerid=2001&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d
Request Chain 277
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buser_id%7D HTTP 302
  • https://prebid.admatic.de/setuid?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=fcda1e6e-ba0e-4234-890a-e1143f79bf78 HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=fcda1e6e-ba0e-4234-890a-e1143f79bf78
Request Chain 280
  • https://dsp-service.admatic.de/users/sync/?redir=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dadmaticde%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3Df5a91c5d-5345-49eb-a42f-fd7a79445bbf HTTP 302
  • https://prebid.admatic.de/setuid?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf
Request Chain 281
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid.admatic.de/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid= HTTP 301
  • https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Request Chain 288
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=dcce0aec-d35e-440c-488a-69ea1f5ff821&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=79559606197598490432118735808129429938&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Request Chain 289
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7540722704966351210&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Request Chain 295
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361&_test=aKYHWQAAAVE94wAQ
Request Chain 297
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dcce0aec-d35e-440c-488a-69ea1f5ff821&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dcce0aec-d35e-440c-488a-69ea1f5ff821&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361&dcc=t
Request Chain 298
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Request Chain 302
  • https://ws.rqtrk.eu/pull?pid=29b47cf6-51f1-45dc-8095-193fb9abe4da&tr=1&g=1&return-unstable=1&redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1590%26cid%3D%24BROWSER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1590&cid=8135d6d9-e7f6-4c2f-aaf3-ac10653784f7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Request Chain 303
  • https://sync.srv.stackadapt.com/sync?nid=zeotap&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=GeWFvz17UPpRhAGxAFs2EsEdahM&env=mWeb&zpartnerid=2001&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&gdpr=1&gdpr_consent=

352 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/ 		297 KB
76 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1987f790226a8edcf0fc8f13e54546c2e65f91d4f61d8f3509535560d7513d2e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
9723a5802d97d398-FRA
content-encoding
zstd
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 20 Aug 2025 17:35:20 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DMcCQ1MSMkrYxta%2B06qMvo6Tq2yRYVvM7ciC%2BsgMGpxnZgqXbea7qw7Uw138%2BQ6yL8cecC%2Fy5wKHn5iMDwpIiMLy7I8T11Mj7U%2BwMnM%3D"}]}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-gt-cache-status
MISS
x-gt-delivered-by
GTranslate v8.2.8 in 40ms visit https://gtranslate.io
x-gt-origurl
/james-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate/
x-gt-server
tigr
info.js
pub-e182faea6e2146519474f280e42e51ff.r2.dev/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub-e182faea6e2146519474f280e42e51ff.r2.dev/info.js?v=1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.54.45 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357717320ce31217108ce712773787245503044b6ee935370aaf0d45f88f110c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

ETag
"583a76fa8893f2e11a8376ed91e5f351"
Connection
keep-alive
CF-RAY
9723a58829aed22e-FRA
Accept-Ranges
bytes
Content-Length
2505
Date
Wed, 20 Aug 2025 17:35:20 GMT
Content-Type
text/javascript
Last-Modified
Fri, 04 Aug 2023 07:16:53 GMT
Vary
Accept-Encoding
Server
cloudflare
consent_236558.js
clickiocmp.com/t/ 		254 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocmp.com/t/consent_236558.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
46.8.152.14 London, United Kingdom, ASN213119 (ALZ-SOFTWARE-AS ALZ Software Ltd, GB),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
481dc734979311fc81b29f6ddd5d0342b16435cb8401913bcd97290c9dfa4e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
iseu
eu
iscntr
eu
cache-control
max-age=60
content-encoding
gzip
etag
W/"68a5dcf1-3f7db"
expires
Wed, 20 Aug 2025 17:36:20 GMT
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Aug 2025 14:34:25 GMT
server
nginx/1.24.0
isMobile.min.js
cdn.jsdelivr.net/npm/ismobilejs@1/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/ismobilejs@1/dist/isMobile.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33db99b2fdea7e2ef65907c6fb31f54c1bc78196689ffc8dac26637090a8eb8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"75a-FO4CH/twosD6GHbI49EEMaxGxg4"
age
5023
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230161-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
805
x-jsd-version
1.1.1
yieldlove.js
cdn-a.yieldlove.com/v2/ 		392 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-a.yieldlove.com/v2/yieldlove.js?telegrafi.com
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
/ Express
Resource Hash
3b9225aa63452ef9b19342f53c41288c5a746d481e647edfde38e29acdbbd809

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
public, max-age=10800, stale-while-revalidate=2592000
content-encoding
gzip
etag
"6216c-c9qom5Eevo1QKMvhb4Kv89IXMxc"
age
5850
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
XysSkbhHSw7dweq7oVtPcw2fS5RHKlJ7xOacDve4KkL1pucnVDejXA==
date
Wed, 20 Aug 2025 15:58:15 GMT
content-type
application/javascript; charset=utf-8
x-powered-by
Express
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P5
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ea43e80784dc51ade98d3cd06d3d0874c4236143d80d209fa2d21e2fd775505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
br
etag
131 / 20320 / 31094144 / config-hash: 11676676027215572684
x-content-type-options
nosniff
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
35010
x-xss-protection
0
server
cafe
telegraficom.js
geotags.refinery89.com/ 		204 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotags.refinery89.com/telegraficom.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.152.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-152-26.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2712672389b4f6a7c1e74f0f6cfd76b292055c589eeba93e5cff61ab9b8f74a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

vary
accept-encoding
cache-control
max-age=21600, public
content-encoding
gzip
etag
W/"53aab1dad0f6a28198c08ec750904ee6"
age
1175
via
1.1 9786ec469d62f3b53938082150cd0248.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
MiSuJvljUUgiYUmTloDC7PY-flDbV9NTp4Pu5FLOTucAbe4fTZFeNQ==
date
Wed, 20 Aug 2025 17:15:46 GMT
content-type
text/javascript
last-modified
Mon, 11 Aug 2025 14:40:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P13
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		415 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VLYQGEH6F0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3bc0071870ad0ece139b8416f3d7bf2806fa9a6c8008375b4077be7ee94e36a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
zstd
report-to
{"group":"ascgcycc:1106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1106:0"}],}
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1106:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1106:0
content-length
142442
x-xss-protection
0
server
Google Tag Manager
css2
fonts.googleapis.com/ 		12 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
1d998fbb745efaa7c1eb0a57c6e8493a617a6932f98dbd0e2624afbe80eef440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Aug 2025 17:35:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter+Tight:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
0af26f92d8e00cc24a644a16f1641f0ca320dbce4e22e8c986df9ada77100311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Aug 2025 17:28:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
DqfniW44qMqs
cdn.onthe.io/io.js/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/DqfniW44qMqs
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.11.241 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.241.11.202.116.clients.your-server.de
Software
nginx /
Resource Hash
6fe12f443d57fba3f686959e72e430698b8a78465c198284f3e44900361cbc28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=86400
Content-Encoding
gzip
ETag
W/"60e6fa2c-11165"
Connection
keep-alive
Expires
Thu, 21 Aug 2025 17:35:20 GMT
Date
Wed, 20 Aug 2025 17:35:20 GMT
Content-Type
text/javascript
Last-Modified
Thu, 08 Jul 2021 13:14:20 GMT
Server
nginx
style.min.css
telegrafi.com/wp-includes/css/dist/block-library/ 		110 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"67059858-1b72b"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=C83b8dx938s6IJbN2iNxrQTuumPp0azchzZqMwAtGKjGaeVPYfoTarrRYjJpLoXOdsWZCCJmXcEHUNkhZFyfzylSdGz57L9S6t2E6vU%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 20:38:48 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a587be83d398-FRA
server
cloudflare
style.css
telegrafi.com/wp-content/themes/telegrafi/ 		620 B
848 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/style.css?ver=1.0.0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917a8e0e07eb4d6cfe4e04f19b6292bc973084f303781202dde790f0c366b8ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"64263a77-26c"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=gfEQo%2B6Bau%2FS%2BTK0ba2w%2BYaLZaZhbRdGpk8o9lE8GfK7VsDHWPLqIytwrh%2FJlmotJUsApJpGR%2BoDjtjKArb3dy8qkEMWtWN%2BroF5J7M%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/css
vary
accept-encoding
last-modified
Fri, 31 Mar 2023 01:42:15 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a587be84d398-FRA
server
cloudflare
app.css
telegrafi.com/wp-content/themes/telegrafi/dist/scss/ 		370 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/dist/scss/app.css?ver=70.0.48
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b889055a792d60682f04bcfa39c78b6a2721da5c81b1f460a30d54011b5970

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6787b547-5c787"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VKFiZIW3%2FGhwG2rAUOjWylZmbzkz8kW4eh5xSrBTqqd7ABIsb6MH99LJ917Q%2BQ7BtVeYnE15QCepRPzSEkdOiEJwFKqO%2B4%2BkKCl5R54%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 15 Jan 2025 13:16:55 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a587be85d398-FRA
server
cloudflare
deals.css
telegrafi.com/wp-content/themes/telegrafi/dist/scss/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/dist/scss/deals.css?ver=70.0.9
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
051f6d42f6630832b4b457e8a903ceaba20aa7ea82abcfbeb23950be161fea48

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6555e411-226c"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4BwqAdPrD3bg%2F43oSN15W6BGXiq4A%2FThYsOZufxEr9LekIHQySWatSyOSuJobpOgIu2T5NlVvq%2FshwTYiSWOUFRzsUJjX4uN0Xlzo1Y%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/css
vary
accept-encoding
last-modified
Thu, 16 Nov 2023 09:42:41 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a587be86d398-FRA
server
cloudflare
jquery.min.js
telegrafi.com/wp-includes/js/jquery/ 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"662df801-15601"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7ov2qBXVIix15XTnL2%2BIgWDaFjn5Z5YHlR%2FDOaGwMJ2zAqBSQwolOoEuNfGJWjHXIgdy6TG0E4FEki9fVXR0e8Neh3rmIjBZC3nPbUs%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sun, 28 Apr 2024 07:17:21 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a587be88d398-FRA
server
cloudflare
jquery-migrate.min.js
telegrafi.com/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"662df801-3509"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WHkRNT9MQ7lDn9P6auhJconCRIs6KjSgAJwWL5nGpNgUwpaKRln%2FiAazqLylrID%2BqOsHYC7qqrmgoVHoo9pRz8SYYt14yJ2eBkWIHMM%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Sun, 28 Apr 2024 07:17:21 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a587be87d398-FRA
server
cloudflare
socket.io.js
cdnjs.cloudflare.com/ajax/libs/socket.io/2.2.0/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.2.0/socket.io.js?ver=70.0.10
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fd5-f3d5"
age
9821
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KB5wyDIqYwmum3KQGPtHmb6vq74RaGxL2cms6HfC9%2F%2BlX4%2FiwRTCvRcIQtdPl%2F04EaSfLEjRpFs60emR91W%2BxB7o5taItf2aZ%2BfRH5s5GwbBykjXuw3uXPncyYfvs9QxNtMwFE96"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Aug 2026 17:35:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:16:21 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
9723a587cf591e6c-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16810
server
cloudflare
dmpcnt.js
inv-nets.admixer.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dmpcnt.js?cntoid=4b653e90-855d-4c2b-996b-07d381c48dff
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
1ccc3a8bfcbfe963e885a54b329cbf203806e32bd1afb1262a13bc0268f879b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

expires
Wed, 21 Oct 2015 07:28:00 GMT
cache-control
no-store
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
server
nginx
apstag.js
c.amazon-adsystem.com/aax2/ 		331 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fa902836352e174b06a253c97ea3a14179615d313f24cbe4be2f3d27ec42c8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"585b4af7ce08c7057e51aa8a482a2aac"
age
2822
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
fDzd1gq5zG2vroR6ycctgUq3f7qPOywFstdTQmymgKpJfIxIl-If-w==
date
Wed, 20 Aug 2025 16:48:19 GMT
content-type
application/javascript
x-amz-cf-pop
FRA60-P1, FRA56-P6
server
AmazonS3
last-modified
Tue, 19 Aug 2025 20:17:59 GMT
x-amz-server-side-encryption
AES256
amp-riddle-quiz-0.1.js
cdn.ampproject.org/v0/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-riddle-quiz-0.1.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
cadd864b9d3dbab3c34388c47827b0d8fb1defc19810974a8483ebbb6a774b44
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
br
etag
"11657a34fc489903"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1519
x-xss-protection
0
server
sffe
loader2.js
cdn.admixer.net/scripts3/ 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
788fbc77bce6bd9b0a39d1f51757e2d264e52272c456641af159f68bbdff2046

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=600
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300bd-2c7b5"
age
190
cross-origin-resource-policy
cross-origin
traceparent
00-9d1a6a357659e08a68b4a70f898124c9-28cea4597b9aba1a-01
expires
Mon, 18 Aug 2025 22:10:22 GMT
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:21 GMT
server
nginx
x-cached-since
2025-08-20T17:32:10+00:00
loader2.js
scripts.futureads.io/scripts3/ 		178 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/loader2.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
788fbc77bce6bd9b0a39d1f51757e2d264e52272c456641af159f68bbdff2046

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
content-encoding
gzip
etag
W/"68a300bd-2c7b5"
age
156897
traceparent
00-3c2372624307b295da59fcbb2c777663-f2812a7d3bc12267-01
expires
Mon, 18 Aug 2025 22:10:23 GMT
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:21 GMT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=600
x-id
fr5-hw-edge-gc8
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-cached-since
2025-08-18T22:00:23+00:00
server
nginx
commonninja.js%E2%81%A9
telegrafi.com/james-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate/%E2%81%A6https://cdn.commoninja.com/sdk/latest/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/james-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate/%E2%81%A6https://cdn.commoninja.com/sdk/latest/commonninja.js%E2%81%A9
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

link
<https://cdn.gtranslate.net/>; rel=dns-prefetch
cache-control
no-cache, must-revalidate, max-age=0
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Br1IdLculXEG%2BP3h4kFhz4KbyaOoJ9V4O12zL0IWEk9Kez6C04GazaMkLQHpXmAvvKVQUOnbgE5wftfaLY35C%2F0dpHClQoHZ8chZ1eU%3D"}]}
cf-ray
9723a589deafd398-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
b3bda2c1959a528ce1dc87b77391f300e4e01317.js
cdn.izooto.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/b3bda2c1959a528ce1dc87b77391f300e4e01317.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.128.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ac8401e423b0496990a375a9956ec0b6927078bb71d386e1de9afff4ce783e4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672f8de2-772"
age
1023846
expires
Thu, 21 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
last-modified
Sat, 09 Nov 2024 16:29:22 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=86400
cf-ray
9723a587dc60c0eb-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
apple.png
telegrafi.com/wp-content/themes/telegrafi/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/img/apple.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c888936d3e200d4ec6c4886ee120b610b50710fa1cec182a1f21d4ea496d49ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"63d6ba62-e9a"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ewFqriO8Z4qh7WzNoYx0TMZWvFDWqzrg5thOBBvYO74Qieg764qoKFNZ%2Bl7TMJwkSYpgdrujU3%2FcZdT3NxNF9%2B3OLCylfc2RGUTk93o%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/png
last-modified
Sun, 29 Jan 2023 18:26:42 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a587be89d398-FRA
accept-ranges
bytes
content-length
3738
server
cloudflare
android.png
telegrafi.com/wp-content/themes/telegrafi/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/img/android.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219d3150ef5dc59a5c6aa8a8e4cc6ae75291863f732fdcb2901ae94ad73d0a32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"63d6ba62-1027"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XY272MTeatVUVU2mrIf5CvFDiA3HX9vZ4KM7fs%2BEM6hZbtgnxI2MrokheLZ5s9wSxi%2FrwfyxXlm4POUI0TgW%2FwgOaTerbhLb3NUCQ7s%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/png
last-modified
Sun, 29 Jan 2023 18:26:42 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a587be8ad398-FRA
accept-ranges
bytes
content-length
4135
server
cloudflare
jammmes-e1754739983276-780x439.jpg
telegrafi.com/wp-content/uploads/2025/08/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/08/jammmes-e1754739983276-780x439.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722b12970b2c18f919b9a291abb2a945cee9a50b0843fa1ea9ac44e90d8b5a55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
MISS
etag
"6897350f-10ee4"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=i2FwHUtBaKyRqDB%2FOwqoeuf4LRw4mEaqw2K1FhsOAiHgzCsRMXvSMDa0S6ivGUKlwfrWf2dXWwZmK7ULRhljETYMgQ0%2Bd5R1h0Z1jYw%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Sat, 09 Aug 2025 11:46:23 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a5882e90d398-FRA
accept-ranges
bytes
content-length
69348
server
cloudflare
tag
a.teads.tv/page/204890/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/204890/tag
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.9.182 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-9-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
501500a14283788184f78e0c3b0f5d0201824b8d1c680d57f9aaf1eaa618c856

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, must-revalidate, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
access-control-allow-credentials
true
expires
0
access-control-allow-origin
*
content-length
1085
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
futureads.js
serving.stat-rock.com/player/ 		357 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/futureads.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
5066c17f1c7ee416e5d797edd2bca200bf682ecb971007d309acc79a85994e33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
public, max-age=600
content-encoding
gzip
etag
W/"67f37f9a-594ff"
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Mon, 07 Apr 2025 07:32:42 GMT
server
nginx
vary
Accept-Encoding
/
telegrafi.com/james-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate/ 		297 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/james-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate/
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf439bedd5ad524a8d9d905626d09b6e0b8309056a7f964817ced3d4aefd941

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

link
<https://cdn.gtranslate.net/>; rel=dns-prefetch, <https://telegrafi.com/?p=4346907>; rel=shortlink
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cu9bBkCzDlF%2FnowVmfvPrDkGdP72hWvMD3Tu57ob3cJkEwttv6RU8%2B%2Fko1%2Fl1S1svrsqkK2Ut5mL8lUarRxYafbsfI%2Fr%2BvZe2NDKaLk%3D"}]}
cf-ray
9723a589deb0d398-FRA
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
EXFIS-150x150.jpg
telegrafi.com/wp-content/uploads/2025/06/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/06/EXFIS-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd3e362418504cd0dbbefa787ba90e61f397fd04f9cafb5c155d9a82b958913

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"68596261-c5f"
age
299675
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dheOxIbgDM8VeHd8pFo6RlkN%2BbYHjMHkYYo8VTECw03IJLIYDyD7s2zWJxd10Vo%2Fa2nJMzkJ8TMwPr9uo%2B0XjzXLAlnIjGuvIxL2wTk%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Mon, 23 Jun 2025 14:19:13 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a5882e91d398-FRA
accept-ranges
bytes
content-length
3167
server
cloudflare
prishtinaticket-150x150.jpg
telegrafi.com/wp-content/uploads/2022/07/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/prishtinaticket-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa5b9973f1496ad90c9f7a5e6cfcfa93b4fd97644ab94262b67f917368aebea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"62c595ae-18f4"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9DWaMNsvFZwOfXLSH4vBOxr%2BxV4Z6zEPWsUTSucyYbOSMoFsm2kWcS71MONdUG2pIAQ%2BZKCaR3QGNVVtRE6Edv0dvAz1vWBI0MbXrZk%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Wed, 06 Jul 2022 14:01:18 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a5884e94d398-FRA
accept-ranges
bytes
content-length
6388
server
cloudflare
MITA-150x150.png
telegrafi.com/wp-content/uploads/2022/07/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2022/07/MITA-150x150.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbce182957e21c9756c7fda859f8b34923ed7a870950febc6e8bdf732ae3dc87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"62c538ee-27a9"
age
239529
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eyW4Vnihhd%2BlZpHKV0S8%2Bbbu69KcpMKVYBlE9eqBz%2BPnBL3uTQzRj0FUGuhwFky%2FG%2BrJtuHg2Z6IXy0QcIbfXW20%2BZOYt3W2czcjq2o%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/png
last-modified
Wed, 06 Jul 2022 07:25:34 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb3d398-FRA
accept-ranges
bytes
content-length
10153
server
cloudflare
487511619_1434875941167788_4923526467061051466_n-150x150.jpg
telegrafi.com/wp-content/uploads/2025/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/08/487511619_1434875941167788_4923526467061051466_n-150x150.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe93261168650f7e4f5a881a8a71dfa4bf566c6021dd19941fb657d608d419a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"689c779b-b3f"
age
33521
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QnMEWSeuy3zyFNPCQrZD4BgdUd3HFlBpMNGDl2bYuwCCaadu0cTv3gqJv4QDvFMIqEHtS%2BlF5EQH7Sgwr9WxxflFsfAvcQXuNlAZUd0%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Wed, 13 Aug 2025 11:31:39 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb1d398-FRA
accept-ranges
bytes
content-length
2879
server
cloudflare
630_360_1679564904-243-380x233.jpg
telegrafi.com/wp-content/uploads/2024/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2024/08/630_360_1679564904-243-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e82982544fd7c2e64649982be7c026e0684a4988f275eec35bb8b640f93ac69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"66c8a118-6386"
age
347868
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UzTrIhv6QZykcoJgC7qYqnzyzIfDqhV0my%2FocgQtsKIL4cPICFC%2BR3B0d0bGBcHhH0EWiJE9NjtdKCoZI1Cbv5axzYRbtf7PjDLfIgY%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Fri, 23 Aug 2024 14:47:52 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb2d398-FRA
accept-ranges
bytes
content-length
25478
server
cloudflare
Screenshot_4-51-380x233.jpg
telegrafi.com/wp-content/uploads/2024/01/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2024/01/Screenshot_4-51-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65b4ee0998fe4f6e5e023613736e40621371c311d5304935659fe3681d3f85cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"65b75269-7074"
age
347811
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OtBm%2FnVxTqwaaaZ7mXUKdBRoBeZYSCTULIej4Sq7aAYR%2BAPodglrMa0GIlr%2BB9mHyEpbM6K9iGyIi50K3LTS8WP5L%2BW7qsMvZ%2BSB4No%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Mon, 29 Jan 2024 07:23:21 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb6d398-FRA
accept-ranges
bytes
content-length
28788
server
cloudflare
cats-3-380x233.jpg
telegrafi.com/wp-content/uploads/2023/10/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2023/10/cats-3-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18a76dda3744331df3bcb3fb0e94a83558b7317f7b5e224cc62a812e9f3dffe5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"651efedd-5a10"
age
347868
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bywNyjprii30vsVndEl2OfQ4A5b7%2FdBMnjKM08hU5eCKcfECljOofY%2BXhDARmYwBKQFZxnlo%2FOlD5FYDwvzZyvcqS%2B%2FuZrboUkWvUkM%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Thu, 05 Oct 2023 18:22:21 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb5d398-FRA
accept-ranges
bytes
content-length
23056
server
cloudflare
Screenshot_4-50-380x233.jpg
telegrafi.com/wp-content/uploads/2023/08/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2023/08/Screenshot_4-50-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a11296a53fb17a0c0b4ac764231177161a178a0431137ac65e17ef681734b91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"64ef75c4-5ee9"
age
347811
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rtTeJ%2FwELn1RXN%2BCJkN7mQWZbAyZAT6RGuiQ3oXZ8LGzy%2BTyPznYz%2FOPSovfsUyslNAyJiei9UEYUBrq8TILrW8dxvLVN8z1kSpMHCE%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Wed, 30 Aug 2023 17:00:52 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb4d398-FRA
accept-ranges
bytes
content-length
24297
server
cloudflare
www-2-e1692909520799-380x233.jpg
telegrafi.com/wp-content/uploads/2023/08/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2023/08/www-2-e1692909520799-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d215a9403afb76b0eed80dace549702c8ab844bb08a8c5de6d95d08e1cd1fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"64e7bfd0-3c34"
age
347811
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=B35o46SQbWClem8ry5SxbkBEuuQtGRl11RF0z9yX3qNEXvKOZ43lYWMzhJgOa3c2%2Bzkbj9XmqRHnO4NexyZyLLO%2FLXjvgxFsyyvNM90%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Thu, 24 Aug 2023 20:38:40 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb8d398-FRA
accept-ranges
bytes
content-length
15412
server
cloudflare
lcimg-b92e8467-cbab-4274-a450-e9bb950f05e7-e1692901637871-380x233.jpeg
telegrafi.com/wp-content/uploads/2023/08/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2023/08/lcimg-b92e8467-cbab-4274-a450-e9bb950f05e7-e1692901637871-380x233.jpeg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d54c295e84aaf11b439bade979f79e35442bf2d0019a71d3b1edcc9e5475bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"64e7a105-5acb"
age
347868
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dtL0S9DssMAPJBmLPNm82W6M2360Lk51gbyNg4TiH24vGa%2BJoJIN%2FVDBH4Qm%2Bt4vENmJb19zZB%2FwW0S9VEjn4VfVXBGTMXiv%2F68tCyE%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Thu, 24 Aug 2023 18:27:17 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb7d398-FRA
accept-ranges
bytes
content-length
23243
server
cloudflare
Screenshot_11-5-380x233.jpg
telegrafi.com/wp-content/uploads/2023/08/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2023/08/Screenshot_11-5-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2cfe89e9448d3e904bf7070f89c8ffe439dfac831f72f085a1930b8557ce655

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"64d93085-487b"
age
347868
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HMmCqg2ruSuecGUEF4rARH2LzGyDK0N2EpLjxdnhebFigzzGMKqcJPCVRyLAKTmJxA%2FJwtqiv%2FzYHPKpdGssXGhgoAtINx5twOPgKQQ%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Sun, 13 Aug 2023 19:35:33 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589debad398-FRA
accept-ranges
bytes
content-length
18555
server
cloudflare
cats-7-380x233.jpg
telegrafi.com/wp-content/uploads/2023/08/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2023/08/cats-7-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
399f4025d84a9c4d03ccdb2167429d123c8a4c0faaf7b2c7ffccee067855ef11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"64d9129c-3d5e"
age
347811
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Pi3Gy0PproMAXTNZWiapPgY6YK8dA%2Fww0FJ3bWtuWcu4aNxOkKgCJw4MvJYKlHP7mzeAwrIekEkipriMdfXoyBzbqSIlz5gIDTb%2B2Ic%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Sun, 13 Aug 2023 17:27:56 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589debbd398-FRA
accept-ranges
bytes
content-length
15710
server
cloudflare
53faa0ab-06aa-4987-9d2f-85656b0a5581-380x233.jpg
telegrafi.com/wp-content/uploads/2023/08/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2023/08/53faa0ab-06aa-4987-9d2f-85656b0a5581-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a26d8b28bf2b15b52d0613a8d2fa84745e75e691ac729d3dbca02c0f977f939

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"64d67a72-53a3"
age
347868
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YkWin7ClsclZe6FcVcg6sx0nwqs5YN8dkj9He42nsK5BjIOz5VO6lX8iPqZwciaxYCcSaKTmkXbZDjoabkTvdYBkVxk6B0x591xEfL4%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/jpeg
last-modified
Fri, 11 Aug 2023 18:14:10 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589dec0d398-FRA
accept-ranges
bytes
content-length
21411
server
cloudflare
Screenshot_21-10-380x233.png
telegrafi.com/wp-content/uploads/2023/07/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2023/07/Screenshot_21-10-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aaa6a6057d521cf2c5b03343ad340991fb477ca285ee2889a4c1e14b3ae6573

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"64c25b57-25a35"
age
347885
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VLEK7PA7M9JaugE%2BxthIIEBry4kr%2BBejvKi4Gq%2FTAu7oMfT75bzOWtQ%2BunqpG8An0mWj53CX36I5FxHjTCMI3RXmLG5W%2BUO02DNl21w%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/png
last-modified
Thu, 27 Jul 2023 11:56:07 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589debcd398-FRA
accept-ranges
bytes
content-length
154165
server
cloudflare
phone2.png
telegrafi.com/wp-content/themes/telegrafi/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/img/phone2.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b7b11619f7bc0f8185776969675f4dc8617bc6523da7f04a238157d80023a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"63d6ba62-e91"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JhzwHBIV6eZZLKK1e2DRnBX7tRuwbAhH5%2FLAegPR8SwsdKVJCzpH7CQnFYSIETHMUUkoGOQIzHJAWc67hAJkfVpsH29ddD36J4Bwc5Y%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/png
last-modified
Sun, 29 Jan 2023 18:26:42 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589debdd398-FRA
accept-ranges
bytes
content-length
3729
server
cloudflare
phone1.png
telegrafi.com/wp-content/themes/telegrafi/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/img/phone1.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e4fb0aac0b5ed1de25b444a2b159d32236597fb47b5ee9dbcbfb1a9c0b13eeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"63d6ba62-101a"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zJlCouIFtjjBoqmvheAkZfbo6NH%2BSzAdElBrKrHLd8E2taz8PGZwOxI4z2SqQQV57nzHLljk0m2YfBKyT3AhxMOu3slYaAO5fsqswyI%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/png
last-modified
Sun, 29 Jan 2023 18:26:42 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589deb9d398-FRA
accept-ranges
bytes
content-length
4122
server
cloudflare
telegrafi.png
telegrafi.com/wp-content/themes/telegrafi/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/img/telegrafi.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6fac5d1a737187eec9f8b453d5bb6dc00e0b4626f841bc2176bdacf440922a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"63d6ba62-4d5"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BJcbW8Ww4cAC2P%2FYLxshXFWKfDUQ8tlFiLMqYR124MDKTJ3Z6x4LxiCjNY%2FiMWiO4xPI8aSG%2FYBSClwvWutl1GnmDJSmecrkNRCP7TI%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/png
last-modified
Sun, 29 Jan 2023 18:26:42 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589eec1d398-FRA
accept-ranges
bytes
content-length
1237
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
age
121210
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 07:55:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 07:55:10 GMT
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31017
x-xss-protection
0
server
sffe
header.js
telegrafi.com/wp-content/themes/telegrafi/dist/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/dist/js/header.js?ver=3.0.17
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c31c427e25c7455827c58178586aeec83fdcf940b812731c8e7df1781199630

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"676b23a1-726"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iQfo2Yu5v1zIzwipOtTmHT%2B5TyyEBm99TTqzV6ZheB1D2q6WMSc28SEbX06rUvZH72kVQUZdJO1LssOzaCitQGfnrjt8gfdHgu41kOA%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Tue, 24 Dec 2024 21:12:01 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a5888e97d398-FRA
server
cloudflare
local-city.js
telegrafi.com/wp-content/themes/telegrafi/dist/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/dist/js/local-city.js?ver=3.0.18
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cd003063ed78f8477e01eaf54a3dfd1cf351a08a5401ae395a743877720c65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"67801e2c-bb8"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=A3rhzBrTxxmNZUZPE4GWYkQdFry7sXL5BX4ORPZ%2Fm5QBcwMj3eq6neBZUc4FBHutODrKgRM70OxCcB%2BOQP0H8hHAj%2FtdkkR6M%2BWzEnU%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Thu, 09 Jan 2025 19:06:20 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a588ae99d398-FRA
server
cloudflare
app.js
telegrafi.com/wp-content/themes/telegrafi/dist/js/ 		139 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e78e0c00a2d8cbf1d73efecf85563c6c4c565d8d1bfe76808ee6a7726d3079

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6787b105-22bc4"
age
347940
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NPechxK9v2XRE%2B92U6SKwmdIJMBxk0gxzBJXal6%2BMFttJfi0b61%2BpBfnduyz8CQQyz%2FK74hxCjGzcKUWS0FBbbbIJGgabRkrJC9EdEY%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 15 Jan 2025 12:58:45 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a589eec2d398-FRA
server
cloudflare
live.js
telegrafi.com/wp-content/themes/telegrafi/dist/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/dist/js/live.js?ver=70.0.10
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac68c2d22305f51007e713302e302a66fbd1530b4f4c8494e7ebebbf62c0090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6718f0b8-3016"
age
347811
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BECVbyTW1DqF%2FWYPbxMPu1Hmjkkk8kN6qhimC2RS2mBXa%2FmGKm1yTclQ4DGazWa66kUwiVFCB9kdz6vS98EYvZ4HX9Dw5%2BSJZ40qmAc%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 23 Oct 2024 12:48:56 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a588be9dd398-FRA
server
cloudflare
count.js
telegraficom.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegraficom.disqus.com/count.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Content-Encoding
gzip
ETag
"689ca3a0-367"
Age
269
X-Content-Type-Options
nosniff
X-Amz-Cf-Id
jNkGnLXfEnwTwApB9PQ0NtmlVnw5QigmFVOsdA4RsDfIhDo2wcE4iA==
Date
Wed, 20 Aug 2025 17:35:20 GMT
Content-Type
application/javascript; charset=utf-8
Last-Modified
Wed, 13 Aug 2025 14:39:28 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Cache-Control
public, max-age=300
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Content-Length
871
X-XSS-Protection
1; mode=block
X-Amz-Cf-Pop
DFW56-P9
Server
nginx
queue.js
tdns0.gtranslate.net/tdn-bin/ 		0
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tdns0.gtranslate.net/tdn-bin/queue.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.42 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FGwQJxYpbnyFjglpvy6NIpbrMq%2ByWhJXM32pP4aiSDsjVm6sB1%2BSD8j2rAqSdmzj%2Bkt%2BiCM%2BGWxt0f3rUcLV174Lj%2FKA%2FzAo11wrFTFqjZUR"}]}
cf-ray
9723a5892809d2ea-FRA
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=utf-8
server
cloudflare
diagnostic-core.js
clickiocmp.com/t/static/cmp/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clickiocmp.com/t/static/cmp/diagnostic-core.js
Requested by
Host: clickiocmp.com
URL: https://clickiocmp.com/t/consent_236558.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
46.8.152.14 London, United Kingdom, ASN213119 (ALZ-SOFTWARE-AS ALZ Software Ltd, GB),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
2e3e54a7f5d23bcb6088bb1766e852c5953d1886f1287dbf2e443a10ecf83ca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
iseu
eu
iscntr
eu
cache-control
max-age=1800
content-encoding
gzip
etag
W/"689b6bf9-1b71"
expires
Wed, 20 Aug 2025 18:05:20 GMT
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 12 Aug 2025 16:29:45 GMT
server
nginx/1.24.0
/
up.clickiocdn.com/consent/log/ 		42 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://up.clickiocdn.com/consent/log/?r=132035524&site_id=236558&version=1717789649&csid=11656&stv=3&tcf2=1&uid=17557113203541036&state=21
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

iseu
eu
cache-control
no-cache
x-pixel-host
amn-ams-5-4
access-control-allow-origin
*
content-length
42
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/gif
server
nginx/1.20.1
vendor-list.json
cdn.clickiocdn.com/t/cmp/v3/ 		720 KB
121 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.clickiocdn.com/t/cmp/v3/vendor-list.json
Requested by
Host: clickiocmp.com
URL: https://clickiocmp.com/t/consent_236558.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
46.8.152.14 London, United Kingdom, ASN213119 (ALZ-SOFTWARE-AS ALZ Software Ltd, GB),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
47582f5f8748ca1f63d9d50cc02a3395d9082fef81c56a4e39fd24697600def3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

iseu
eu
iscntr
eu
cache-control
max-age=1800
content-encoding
gzip
etag
W/"689e95d0-b4108"
expires
Wed, 20 Aug 2025 18:05:20 GMT
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/json
last-modified
Fri, 15 Aug 2025 02:05:04 GMT
server
nginx/1.24.0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftelegrafi.com%2F&domain=telegrafi.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://telegrafi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Aug 2025 17:35:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
208971
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftelegrafi.com%2F&domain=telegrafi.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://telegrafi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://telegrafi.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Aug 2025 17:35:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
205997
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftelegrafi.com%2F&domain=telegrafi.com&cw=1&lsw=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?telegrafi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
application/json
Referer
https://telegrafi.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
329850
expires
0
access-control-allow-origin
https://telegrafi.com
date
Wed, 20 Aug 2025 17:35:17 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
json
gum.criteo.com/sid/ 		2 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftelegrafi.com%2F&domain=telegrafi.com&cw=1&lsw=1
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?telegrafi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type
application/json
Referer
https://telegrafi.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
207139
expires
0
access-control-allow-origin
https://telegrafi.com
date
Wed, 20 Aug 2025 17:35:19 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
gtm.js
www.googletagmanager.com/ 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
33a970fbdb3a10fb419eae26fc7e35b51a0bc22f0d9fc7fda887c6b28a67b2b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
zstd
report-to
{"group":"ascgcycc:1348:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1348:0"}],}
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 20 Aug 2025 16:09:19 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1348:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1348:0
content-length
129769
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		314 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M79GNS4Q
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
35f4d6bc0f6f32516792868a212c543c899d1448ccf9051e30d1232bb05d0d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
zstd
report-to
{"group":"ascgcycc:1348:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1348:0"}],}
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 20 Aug 2025 16:09:19 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1348:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1348:0
content-length
111683
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
age
1861
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 20 Aug 2025 19:04:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:04:19 GMT
last-modified
Tue, 15 Jul 2025 00:44:26 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20737
server
Golfe2
kia5tpfs8p
www.clarity.ms/tag/ 		801 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/kia5tpfs8p
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5224872dfbdea34dd32d3a00c35b6dee0966dc5461e2cb89d3f41bd78bfdc465

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:24dd0b7c-7995-45d6-b3b6-925639dc2d30
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
801
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/x-javascript
x-azure-ref
20250820T173520Z-15f8b559499ns87shC1FRA04un0000000kzg00000000vc0y
izooto.js
cdn.izooto.com/scripts/sdk/ 		384 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/b3bda2c1959a528ce1dc87b77391f300e4e01317.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.128.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02b3d55a9140b64c87fc0ea75fecfe2b5f24434f6b52e2332a319833bd52aa05
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6883571b-60111"
age
1171061
expires
Fri, 05 Sep 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
last-modified
Fri, 25 Jul 2025 10:06:19 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=1382400
cf-ray
9723a589cf0bc0eb-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
config.js
cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/ 		217 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/config.js
Requested by
Host: cdn-a.yieldlove.com
URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?telegrafi.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdd5644a9b17521f3fb411f11b2b8f5d759661e97c358bb0fd368fceee79751c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"879d93c9296f0b8df10e9813537b7811"
age
81
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
text/javascript
last-modified
Wed, 20 Aug 2025 17:27:07 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
drOKKWiu68N6wLyPoHpuoH2qyZkIaINGTqPGP2it7Z2FJLhLIjVdeqPIgFV/bpYZ1wJ15a5QnvM=
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
9723a58adcc930d0-FRA
x-amz-request-id
6EWFAKE037ATEFAC
accept-ranges
bytes
content-length
43665
server
cloudflare
x-amz-server-side-encryption
AES256
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
af55ac2db7d388772c0f1e8c7306b34a9dcb6c27dc832f541b0b7330c9c6f810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-md5
9En31Ms7E84T5TUz10Dvsg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"e92144269246bdd45240ffd531815c01"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 20 Aug 2025 17:37:16 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
165b79a72e292ee3b6f900770db9d307
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4947, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
GKiVu39XeJGUrSdr8jMzAPcHzgHW96gfGJzn2rxkhkTo/OXSI6uISaVZeGy1FVWN5dsXhFfy3G7LCq8+IM+wNA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1686
origin-agent-cluster
?1
truncated
/ 		416 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56450b9b1f3c755b563a9ef45ad89868162920c092eee3554031189507aa455a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://fonts.googleapis.com/

Response headers

age
121530
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 07:49:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 07:49:50 GMT
last-modified
Wed, 23 Apr 2025 16:07:17 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://fonts.googleapis.com/

Response headers

age
120614
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 08:05:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 08:05:06 GMT
last-modified
Wed, 23 Apr 2025 16:07:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://fonts.googleapis.com/

Response headers

age
121373
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 07:52:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 07:52:27 GMT
last-modified
Wed, 23 Apr 2025 16:05:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
fonts.gstatic.com/s/intertight/v8/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v8/NGSwv5HMAFg6IuGlBNMjxLsH8ag.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter+Tight:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
77fefe8ca19b9f69b5284832c519e0493127c1f091f0a8936884be7721c4e618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://fonts.googleapis.com/

Response headers

age
121192
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 07:55:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 07:55:28 GMT
last-modified
Thu, 29 May 2025 22:34:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
44872
x-xss-protection
0
server
sffe
/
up.clickiocdn.com/consent/log/ 		42 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://up.clickiocdn.com/consent/log/?r=132062198&site_id=236558&version=1717789649&csid=11656&stv=3&tcf2=1&uid=17557113203541036&state=2&vcnt=302
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

iseu
eu
cache-control
no-cache
x-pixel-host
amn-ams-5-7
access-control-allow-origin
*
content-length
42
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
image/gif
server
nginx/1.20.1
google-vendor-list.json
s.clickiocdn.com/t/cmp/v3/ 		54 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clickiocdn.com/t/cmp/v3/google-vendor-list.json
Requested by
Host: clickiocmp.com
URL: https://clickiocmp.com/t/consent_236558.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
88.99.85.119 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.119.85.99.88.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
988d7c09afcbbee597aa14ba9b133dfc6e18998be7f7b87b2ade80ac3e2d7ee6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

iseu
eu
iscntr
eu
cache-control
max-age=1800
content-encoding
gzip
etag
W/"68a52d53-d916"
expires
Wed, 20 Aug 2025 18:05:20 GMT
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/json
last-modified
Wed, 20 Aug 2025 02:05:07 GMT
server
nginx/1.24.0
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://fonts.googleapis.com/

Response headers

age
121327
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 07:53:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 07:53:13 GMT
last-modified
Wed, 23 Apr 2025 16:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
NGSyv5HMAFg6IuGlBNMjxLsCwapkRA.woff2
fonts.gstatic.com/s/intertight/v8/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v8/NGSyv5HMAFg6IuGlBNMjxLsCwapkRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter+Tight:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
26da6578cb17ad7922d0c6586697ab1c5de86a3cfd46057eec8a9e1f034ac965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://fonts.googleapis.com/

Response headers

age
173529
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 18 Aug 2026 17:23:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Aug 2025 17:23:11 GMT
last-modified
Thu, 29 May 2025 22:38:15 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
47912
x-xss-protection
0
server
sffe
embed.js
telegraficom.disqus.com/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegraficom.disqus.com/embed.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
7a693305747ece479aa909b01e0709408a85783472feecc794c41ebd9b1d2496
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Cache-Control
private, max-age=60
x-service
router
content-encoding
gzip
Age
45
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Content-Length
27135
Date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=utf-8
Vary
Accept-Encoding
server
openresty
truncated
/ 		651 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4305468b9eb96065246c9e56b8fc03def251faf6787fda84f7830ee5bd8bd4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		281 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d6a25a7ae2d79314c4a50020a561c48c5b11e11df85821db889bc33f15c073c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,400;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://fonts.googleapis.com/

Response headers

age
121291
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 07:53:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 07:53:49 GMT
last-modified
Wed, 23 Apr 2025 16:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7824
x-xss-protection
0
server
sffe
NGSwv5HMAFg6IuGlBNMjxLsJ8ah8QA.woff2
fonts.gstatic.com/s/intertight/v8/ 		88 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/intertight/v8/NGSwv5HMAFg6IuGlBNMjxLsJ8ah8QA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter+Tight:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
sffe /
Resource Hash
fd9beddaaec644945809da574cf1caf342073c7e4b46a2ea5bd136c8cf1a9eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://fonts.googleapis.com/

Response headers

age
173307
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 18 Aug 2026 17:26:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Aug 2025 17:26:53 GMT
last-modified
Thu, 29 May 2025 22:35:12 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
89800
x-xss-protection
0
server
sffe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508140101/ 		572 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508140101/pubads_impl.js?cb=31094144
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
db5b162e10751a7c68db063e3d4e074971b518b961b8ddf2990d10a1361cfac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
br
etag
15050142134517458076
age
10137
x-content-type-options
nosniff
expires
Thu, 20 Aug 2026 14:46:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 20 Aug 2025 14:46:23 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
185801
x-xss-protection
0
server
cafe
log.js
u.heatmap.it/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		308 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
570cddafeb051fa9b5a5bf1f30bfab40ad0b919dd667df1c9aac96c41137b893
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-2A2FRsdc' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-2A2FRsdc' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=27, mss=1232, tbw=8803, tp=14, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
/YsI43lXRhKD2iSI0rIs0/pAzGUz4AeNEtfTqLesbtwfxis8Nf6QjH+JpwFkGwY4Bn1n8o6lsxgeXf5aHP5WWQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
content-length
80980
x-xss-protection
0
origin-agent-cluster
?1
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 8CDF 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.128.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c7cb1431d2db94f0cbf503e8f3ae4cd2232654f4123c405eff1920b673859d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
731346
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
9723a58a8d5dbb56-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:20 GMT
expires
Sat, 20 Sep 2025 17:35:20 GMT
last-modified
Tue, 14 May 2024 14:09:56 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
x-xss-protection
1; mode=block
ht.json
tt.onthe.io/DqfniW44qMqs/ 		2 KB
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/DqfniW44qMqs/ht.json
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/DqfniW44qMqs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
188.40.115.112 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.112.115.40.188.clients.your-server.de
Software
nginx /
Resource Hash
dbc0263328f9431516065dcdd9e53c95ebd71d74985d2d481e7f14bb94866253

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
ETag
W/"68a31d97-6f3"
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Access-Control-Allow-Origin
*
Date
Wed, 20 Aug 2025 17:35:20 GMT
Content-Type
application/json
Last-Modified
Mon, 18 Aug 2025 12:33:27 GMT
Server
nginx
demandTiersFloors.json
tags.refinery89.com/ 		4 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.refinery89.com/demandTiersFloors.json
Requested by
Host: geotags.refinery89.com
URL: https://geotags.refinery89.com/telegraficom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-42.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b26709ae1cee4f752854b88922692674930ae05ffe7966a5324c5a4ae79ece6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-expose-headers
*
etag
"7096a968509e28918e73b718e419acc4"
x-cache
Miss from cloudfront
x-amz-cf-id
l7K0d8AVOH4n-GmbeIyiVIJZDjGp4001B9-y2VOCbLVtEDbBwbcwaA==
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Wed, 13 Aug 2025 08:19:48 GMT
x-amz-id-2
+ORjdvJnJx69KsuRrOKtrQwbhBHZECftIb5R+/EqHVVHgozAd6uDo8Xr0R4Wr75Ef591z57JXxw=
cache-control
max-age=21600, public
cloudfront-viewer-country
DE
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-request-id
J05R3G905322PM5X
accept-ranges
bytes
access-control-allow-origin
*
content-length
3901
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
c.html
cdn.admixer.net/scripts3/92978/ Frame B445 		738 B
666 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/c.html?b=92978
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

age
198144
cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 20 Aug 2025 17:35:20 GMT
etag
W/"68a300d0-2e2"
expires
Wed, 19 Aug 2026 10:32:56 GMT
last-modified
Mon, 18 Aug 2025 10:30:40 GMT
server
nginx
traceparent
00-b78f677477d074fc6a2180d340886f14-e7e96f4041831e83-01
vary
Accept-Encoding
x-cached-since
2025-08-18T10:32:56+00:00
x-id
fr5-hw-edge-gc8
x-id-fe
fr5-hw-edge-gc8
ad1e53d6ca54518d4679.b.js
cdn.admixer.net/scripts3/92978/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/ad1e53d6ca54518d4679.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
4d2cc16b87d3f592e8775a33b10cdcf583b507ccc15fc697f50ec97c74c38ed3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300cf-ba34"
age
2683
traceparent
00-0c41cb00e92b56ba86fa94104c0824a4-c22571b02aef27c8-01
expires
Fri, 21 Aug 2026 16:50:37 GMT
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:39 GMT
server
nginx
x-cached-since
2025-08-20T16:50:37+00:00
vary
Accept-Encoding
be052e7b7f29c85ddc30.b.js
cdn.admixer.net/scripts3/92978/ 		79 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/be052e7b7f29c85ddc30.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
961d8ecf165ef797c25958f500f2b85e73f012fec626e93ca57c8dde426e46a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300d0-13c87"
age
198142
traceparent
00-ac956ceb96c7ec3aeedb816b034993b5-51d61b6ca5f913fd-01
expires
Wed, 19 Aug 2026 10:32:58 GMT
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:40 GMT
server
nginx
x-cached-since
2025-08-18T10:32:58+00:00
vary
Accept-Encoding
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-93.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
53160
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
E9PPQH0izaIePco4nVOetQmoYQqgVeXmUCTLgUc1S_a5z49bMm3jjw==
date
Wed, 20 Aug 2025 02:49:21 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
c.html
scripts.futureads.io/scripts3/92978/ Frame 0022 		738 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://scripts.futureads.io/scripts3/92978/c.html?b=92978
Requested by
Host: scripts.futureads.io
URL: https://scripts.futureads.io/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
193001
cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 20 Aug 2025 17:35:20 GMT
etag
W/"68a300d0-2e2"
expires
Wed, 19 Aug 2026 11:58:39 GMT
last-modified
Mon, 18 Aug 2025 10:30:40 GMT
server
nginx
traceparent
00-8d795710234865c702d31f08b26fd65f-e9a8a097c3c86f52-01
vary
Accept-Encoding
x-cached-since
2025-08-18T11:58:39+00:00
x-id
fr5-hw-edge-gc8
x-id-fe
fr5-hw-edge-gc8
sdk.js
connect.facebook.net/en_US/ 		255 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f4131659c3fd5809a52d085553f9a3e7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f35ef288e8782d61e894b9d085da3bbb94063741a13946a284fd1aa720eed7d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://telegrafi.com/

Response headers

content-md5
R8SLdzg/IdQ6X6ToDr25SA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"65d9e9b110ead6b538be43892117278e"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 20 Aug 2026 13:39:11 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
cb6aafaf06c0fac8e6e32f9000f23d5e
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=3562, tp=6, tpl=0, uplat=0, ullat=-1
x-fb-debug
QJMuJbG1RKHV1g19uJJtg7FG9vYxs9KjCJdPDI5InKEBukG5dJwPRQ0S5JD0qblaKDi5MRit9VJ8NB62uMxMPg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
76879
origin-agent-cluster
?1
js
www.google-analytics.com/gtm/ 		249 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MTCHQ67&cid=652032174.1755711321
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
bc58940647a4767c8e368e395d08a163c6dc724fb1619783ede9dac3fd3fbb8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
zstd
report-to
{"group":"ascgcycc:1341:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1341:0"}],}
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 20 Aug 2025 16:09:19 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1341:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1341:0
content-length
92659
x-xss-protection
0
server
Google Tag Manager
teads-format.min.js
a.teads.tv/static/master/media/format/v3/ 		455 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/204890/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.9.182 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-9-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
facbb27340d90a1e0b913639b2408557d469d12ade8419fdf07ef2e1a14a5afd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

x-amz-id-2
slgTTcSXIBaMlI8v9sHLGvwdiiO8eUhJq3ElTGc902wox8Kpsuam3uFVZmx1LVxVTguJxPAvIhk=
cache-control
private, must-revalidate, max-age=35
content-encoding
br
etag
"c34d0158b712e1ba35e9f003e7546285"
x-amz-request-id
2KD6THTKJC4WTVY9
accept-ranges
bytes
content-length
109000
date
Wed, 20 Aug 2025 17:35:20 GMT
last-modified
Mon, 11 Aug 2025 14:58:52 GMT
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
103512698
fundingchoicesmessages.google.com/i/ 		205 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/103512698?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508140101/pubads_impl.js?cb=31094144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
d15c45cae59cdef33dc0d8a182f600f18268f2b7e0ef447f717ebf5b08ab4e57
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--p89gbs9isssHWjTCo8Y9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BiaL15jnUyEBsqXGK1B-IP9ZdZfwBxkcQV1gYg_lR1g1Wg-gZrEvtN1gIg3rXxFutBIDbzu81qB8SSr2-zKgJx5JS7rAlAzLn2LqsAEFe7e7E1A7EQD8eNvhlH2QQapjacYFbSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyNbAwtNAzMIgvMAAAJH89zw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce--p89gbs9isssHWjTCo8Y9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
clarity.js
scripts.clarity.ms/0.8.25/ 		75 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.clarity.ms/0.8.25/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kia5tpfs8p
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30869cbf39aa650288f575793eaeda06579bff6d5542b8bfa38b15427806ae70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

x-azure-ref
20250820T173520Z-15f8b559499vms2dhC1FRA86800000000m5g000000008r2p
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DDDFC84637718F"
x-fd-int-roxy-purgeid
0
x-ms-request-id
302806a7-a01e-0002-18bc-119063000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 20 Aug 2025 09:02:22 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202508181115/ 		367 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202508181115/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a24025c600f832c6d82cdeb2c41c226e197aa6ab99068dafe1a2cb8b0f9ce05c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"f1313a63cb263c8c050f0de8ebeb499e"
age
888
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 18 Aug 2025 15:16:55 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
Rn41w7K50E9i2SHyxwIOq1xDJTFTpIY1kvShhhQkfky2ex6kvQOPyYXVCT32TOnVjtwyRwcdgtk=
cache-control
public, max-age=31536000
cf-ray
9723a58bbd5530d0-FRA
x-amz-request-id
BJ8TCKTS6M1R7TT8
accept-ranges
bytes
content-length
131889
server
cloudflare
x-amz-server-side-encryption
AES256
260833360772983
connect.facebook.net/signals/config/ 		81 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260833360772983?v=2.9.225&r=stable&domain=telegrafi.com&hme=3d54ce6fd3d1c49c2c5a1c077deeae25962d09eced833b49457e6337402d21c8&ex_m=84%2C145%2C126%2C18%2C119%2C59%2C40%2C120%2C65%2C58%2C133%2C73%2C13%2C83%2C26%2C114%2C105%2C63%2C66%2C113%2C130%2C92%2C135%2C7%2C3%2C4%2C6%2C5%2C2%2C74%2C82%2C136%2C210%2C157%2C53%2C215%2C212%2C213%2C46%2C172%2C25%2C62%2C219%2C218%2C160%2C28%2C52%2C8%2C55%2C78%2C79%2C80%2C85%2C109%2C27%2C24%2C112%2C108%2C107%2C127%2C64%2C129%2C128%2C42%2C110%2C51%2C102%2C12%2C132%2C37%2C201%2C203%2C167%2C21%2C22%2C23%2C15%2C16%2C36%2C33%2C34%2C69%2C75%2C77%2C90%2C118%2C121%2C38%2C91%2C19%2C17%2C96%2C60%2C31%2C123%2C122%2C124%2C115%2C20%2C30%2C50%2C89%2C131%2C29%2C182%2C153%2C259%2C199%2C143%2C185%2C178%2C87%2C111%2C68%2C100%2C45%2C39%2C98%2C99%2C104%2C49%2C14%2C106%2C97%2C56%2C41%2C93%2C44%2C47%2C0%2C81%2C134%2C1%2C103%2C11%2C101%2C9%2C48%2C76%2C54%2C125%2C57%2C95%2C72%2C71%2C43%2C116%2C70%2C67%2C61%2C94%2C86%2C35%2C117%2C32%2C88%2C10%2C137
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
8d0c3ce9a877daaf52d6cfb334dcd8d989008e53d291cf043d704bd1372cca38
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-ya2Fo4SM' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-ya2Fo4SM' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=61, mss=1232, tbw=93595, tp=88, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
6Bi5Kwffm+kEB7FBus05shd74rM6OMBzzforOX11J0/3pKXVU13zO0VR7oFyHWC8KhGWMfFY7urlR0Vjz/IOcg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
content-length
15167
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		372 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&cx=c&gtm=45He58j0h1v9180397921za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M79GNS4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
356ce7763c3643cf5668a1fee290ab88f24d4be82adb64792d7fd496d591baa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
zstd
report-to
{"group":"ascgcycc:1106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1106:0"}],}
expires
Wed, 20 Aug 2025 17:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1106:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1106:0
content-length
132572
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		397 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-32SPFKJ85B&cx=c&gtm=45He58j0h1v9180397921za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M79GNS4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d562906b0434c2d38b8eb89c8a38de1663bcbe874ad144fb5392b749299d339a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
zstd
report-to
{"group":"ascgcycc:1106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1106:0"}],}
expires
Wed, 20 Aug 2025 17:35:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1106:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1106:0
content-length
138252
x-xss-protection
0
server
Google Tag Manager
attribution.js
embeds.beehiiv.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embeds.beehiiv.com/attribution.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M79GNS4Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.69.40 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
476113282fa8ddafc269fcc10b2125f4ebadadf175819a4680e770f4087de0ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1755711321&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=PoL%2FQqUQKQ6wiS66VlTH4rTWiP2sI1pGU9tNNbgsYo0%3D
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
MISS
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1755711321&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=PoL%2FQqUQKQ6wiS66VlTH4rTWiP2sI1pGU9tNNbgsYo0%3D"}]}
via
1.1 vegur
cf-ray
9723a58c6ec1a062-FRA
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
vary
Origin, Accept-Encoding
server
cloudflare
last-modified
Wed, 20 Aug 2025 17:35:21 GMT
web-vitals.iife.js
unpkg.com/web-vitals@5.1.0/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@5.1.0/dist/web-vitals.iife.js
6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@5.1.0/dist/web-vitals.iife.js
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Server
104.18.1.22 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8890ec954757ea8e4801f49958afb76e2b8837c47fec5b16598fc20cbd49c220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
age
986
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
expires
Thu, 20 Aug 2026 17:35:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 31 Jul 2025 20:25:05 GMT
vary
Accept-Encoding
fly-request-id
01K1H2HSNK8PNBZZZBF151HYK2-ord
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
priority
u=3,i=?0
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 fly.io, 1.1 fly.io
cf-ray
9723a58daa3f2c25-FRA
content-digest
sha256=:iJDslUdX6o5IAfSZWK+3biuIN8R/7FsWWY/CDL1JwiA=:
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=60, s-maxage=300
location
/web-vitals@5.1.0/dist/web-vitals.iife.js
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
cf-ray
9723a58c594d2c25-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
56
server-timing
cfExtPri
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
dmpcnt.js
ads.futureads.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpcnt.js?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDS2P7N
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
2b8cd17d4fdfc7789919c83aff9c8f45e3bc895005fa2e0b2029e49178b77a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

expires
Wed, 21 Oct 2015 07:28:00 GMT
cache-control
no-store
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
server
nginx
Screenshot_43-380x233.png
telegrafi.com/wp-content/uploads/2025/08/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/08/Screenshot_43-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe6c9f91827446e8500ce0b8a9a8cdf00a498038c2785fc4a0454e53670a80d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"6898fd98-1d889"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fyZY7FhyVM1PHjM7deoTbwX7qV6MTmvGYYQ9s%2B94%2F7tbvCY97KmTlHEi2Zjap7xZ3c1b9QKkeDq7JP1cIfo3WLC%2Fa8bHeFBfyqg%2BFWk%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
last-modified
Sun, 10 Aug 2025 20:14:16 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7ef6d398-FRA
accept-ranges
bytes
content-length
120969
server
cloudflare
page-99-380x233.jpg
telegrafi.com/wp-content/uploads/2025/07/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/page-99-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a84a8c82bde3a8404daab6f74ac6f83fccb770c0c7206ead3f45ff855a5b3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"6887c58a-3e97"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=95nPQIvZ8npwFhxtyv9NMOtINUPLLvflG9vMPExLdvQeIR2TnQrk%2FHs9Mktq%2BmHP%2Fb%2F1AWLrZlrKp2GgrjccW6uG%2B2UPBjFGGo2scgg%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/jpeg
last-modified
Mon, 28 Jul 2025 18:46:34 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7ef8d398-FRA
accept-ranges
bytes
content-length
16023
server
cloudflare
Screenshot_21-15-380x233.png
telegrafi.com/wp-content/uploads/2025/07/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/Screenshot_21-15-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb07afd15312c356c6ebf3191d1273a4830718f5dba4ce4bcb82d82a8bb38e33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"6887a419-1726f"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DrIl40q2LGbtlRf0mVGjLI8pYa8DVRPAZEmZ%2Bw6Um5CJ8KJvbNwBIQOiF34SlfDxJzi7MOz7NIz3OPB5pqx8Ncz9V3vU4R5feHA3T1c%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
last-modified
Mon, 28 Jul 2025 16:23:53 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7ef7d398-FRA
accept-ranges
bytes
content-length
94831
server
cloudflare
Screenshot_25-16-380x233.png
telegrafi.com/wp-content/uploads/2025/07/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/Screenshot_25-16-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d61c7ac455472f2a33855574c90b019b61d75a07093d23b69976d6dadf3fbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"688655a1-21d03"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BjU3sNa76wSGS7Fp3WaKoGzRTIo11gVSf2%2FjbebHfCtjOFr32B2%2B8Ux2MLBhwwNJx%2Bg4Ei%2FG6M4zzaZ%2BpWZ830DnJcFd0xGAnBufZQQ%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
last-modified
Sun, 27 Jul 2025 16:36:49 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7ef9d398-FRA
accept-ranges
bytes
content-length
138499
server
cloudflare
page-93-380x233.jpg
telegrafi.com/wp-content/uploads/2025/07/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/page-93-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed088b883101dac792e28a5c895ae34d8db3cbe70493513afdd85c766f454959

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"68862d37-415e"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=kAktCJITsGgJfRWyHQvkb4N4WdkFNqelwvxbh3vCYD8LAH9%2F3LJ54zBrcpTamvtuHYVbJcBbAv%2FsY7%2BrsK295c2WvKIWRLsm0rvezRo%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/jpeg
last-modified
Sun, 27 Jul 2025 13:44:23 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7efad398-FRA
accept-ranges
bytes
content-length
16734
server
cloudflare
page-46-380x233.jpg
telegrafi.com/wp-content/uploads/2025/07/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/page-46-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8fa7148f64a068c3c3d705760d2332b0ec1229b419b3d9bf3a07dec3ba3b62d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"6877e008-4e7b"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xCjFY9UKmUyrm8eaore1rGvI3Mbz897PfGQvq2OIcgI83lfxZ5ehVWhI3LRBTE%2FjxoUTrQEzl8BBZQJrDSZCe%2FhPd3ktoPGYP0A5gAI%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/jpeg
last-modified
Wed, 16 Jul 2025 17:23:20 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7efbd398-FRA
accept-ranges
bytes
content-length
20091
server
cloudflare
Screenshot_22-9-380x233.png
telegrafi.com/wp-content/uploads/2025/07/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/Screenshot_22-9-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cacdcc80cb80b11e5a961c4d7e382127991fb13d0eace3a0e9c35f975be866e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"687521c3-1b95f"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iqm1j6gdC8A0x8Cn5d0IDsxlbutNiOT%2BOiNQkMzxUkXtu6jWa8J8VSHoUIuq469Q6%2F2%2FVLV6g5ppBtJTPn54LXMdVm0Nu7%2B6FEgTii4%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
last-modified
Mon, 14 Jul 2025 15:26:59 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7efcd398-FRA
accept-ranges
bytes
content-length
112991
server
cloudflare
page-11-380x233.jpg
telegrafi.com/wp-content/uploads/2025/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/page-11-380x233.jpg
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86056ef260e31c4e2fcbe1532c15307c713cbd4038f03217dd2d4f53011313dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"686adf7d-43d2"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AyM0c%2F441jm4meXNY%2Bhz3wOOkprmj0HIhD8293x9FqWa02T2fU9Qseq4%2FYDxaEMORqdowctRr7vNP9DQRgJdcGPYhYgAPAdzBIZeuZ8%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/jpeg
last-modified
Sun, 06 Jul 2025 20:41:33 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7effd398-FRA
accept-ranges
bytes
content-length
17362
server
cloudflare
Screenshot_23-1-380x233.png
telegrafi.com/wp-content/uploads/2025/07/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/Screenshot_23-1-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3538020876d18f388e1c1341eefc54dbeaf3c67ad3381e9c739f3a7a86cf647a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"6866a41c-1b09e"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MyQPypRTKWrh785bTg1hOCUBo%2BkXkkJuOUWzSr2BE7x3gJieKlmjDvEcPtG%2F8sd3o5zoEDigyr6UGp6dAVyg41Wo%2Fi5jCHOBbJfZIQ0%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
last-modified
Thu, 03 Jul 2025 15:39:08 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7efdd398-FRA
accept-ranges
bytes
content-length
110750
server
cloudflare
Screenshot_11-380x233.png
telegrafi.com/wp-content/uploads/2025/07/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://telegrafi.com/wp-content/uploads/2025/07/Screenshot_11-380x233.png
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69bfabf321e72fceabd2bf22b1f874c7fd06acc4f3afb06228300e54c8e09de9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

cf-cache-status
HIT
etag
"6864dc53-15304"
age
347766
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=bFduOjJP5MqIl4D8l%2FcwbaWeRfayAnbA9qDTpb9MgjmRNR0P4Pb6%2BAPg6qIBKcNRuDkiA3JiolJknb591PrPcarStbd9SGnX0Y8RR8s%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
last-modified
Wed, 02 Jul 2025 07:14:27 GMT
vary
accept-encoding
cache-control
public, max-age=31556952
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a58c7efed398-FRA
accept-ranges
bytes
content-length
86788
server
cloudflare
breaking-news.json
telegra.fi/storage/ 		280 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telegra.fi/storage/breaking-news.json?v=2025-08-20T17:35:00.000Z
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/wp-content/themes/telegrafi/dist/js/app.js?ver=74.0.32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.192.173 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab08afaa18a600718ff515fadb33038b1725eb475d4976317167127ca763408

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
etag
W/"68663df0-118"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=T3ba6NOjqVvVpICXq7XtunYY752r%2Fz1b5qD28hEBm8m1H7%2FH8aLJCJObkAL%2Frl%2FO%2BZOQIVuLMv9CPXFH22NqmSWxVlHvxDiJ"}]}
access-control-allow-methods
GET, OPTIONS
cf-ray
9723a58c9c97696a-FRA
access-control-allow-origin
https://telegrafi.com
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/json
last-modified
Thu, 03 Jul 2025 08:23:12 GMT
server
cloudflare
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
/
localhost/socket.io/ 		0
0
tag-manager.runtime.js
cdn.admixer.net/analytics/ 		1 KB
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.runtime.js
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dmpcnt.js?cntoid=4b653e90-855d-4c2b-996b-07d381c48dff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
68b1a71a45b9d3e455495f38eac0b125cefcc93ef630722735d07611718fcf3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
access-control-expose-headers
content-range
content-encoding
gzip
etag
W/"65ddc438-56a"
age
166438
traceparent
00-8d24aa32d867bf6b65f7f5f1bafc6641-44d8d74776407c0a-01
expires
Wed, 19 Aug 2026 19:21:23 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Tue, 27 Feb 2024 11:15:04 GMT
vary
Accept-Encoding
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
x-id
fr5-hw-edge-gc8
x-cached-since
2025-08-18T19:21:23+00:00
server
nginx
tag-manager.js
cdn.admixer.net/analytics/ 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/analytics/tag-manager.js?m=
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dmpcnt.js?cntoid=4b653e90-855d-4c2b-996b-07d381c48dff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
e087620eca164cc8498ee379f3bddc8d0daed7148cacf37e29d18d4968bafb85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
access-control-expose-headers
content-range
content-encoding
gzip
etag
W/"65ddc438-129ae"
age
193149
traceparent
00-eda6cc19c3a40c9ea28760326cec5920-642dc2598ceb4fb9-01
expires
Wed, 19 Aug 2026 11:56:12 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Tue, 27 Feb 2024 11:15:04 GMT
vary
Accept-Encoding
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
x-id
fr5-hw-edge-gc8
x-cached-since
2025-08-18T11:56:12+00:00
server
nginx
/
www.facebook.com/privacy_sandbox/topics/registration/ 		67 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/privacy_sandbox/topics/registration/?id=260833360772983
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/260833360772983?v=2.9.225&r=stable&domain=telegrafi.com&hme=3d54ce6fd3d1c49c2c5a1c077deeae25962d09eced833b49457e6337402d21c8&ex_m=84%2C145%2C126%2C18%2C119%2C59%2C40%2C120%2C65%2C58%2C133%2C73%2C13%2C83%2C26%2C114%2C105%2C63%2C66%2C113%2C130%2C92%2C135%2C7%2C3%2C4%2C6%2C5%2C2%2C74%2C82%2C136%2C210%2C157%2C53%2C215%2C212%2C213%2C46%2C172%2C25%2C62%2C219%2C218%2C160%2C28%2C52%2C8%2C55%2C78%2C79%2C80%2C85%2C109%2C27%2C24%2C112%2C108%2C107%2C127%2C64%2C129%2C128%2C42%2C110%2C51%2C102%2C12%2C132%2C37%2C201%2C203%2C167%2C21%2C22%2C23%2C15%2C16%2C36%2C33%2C34%2C69%2C75%2C77%2C90%2C118%2C121%2C38%2C91%2C19%2C17%2C96%2C60%2C31%2C123%2C122%2C124%2C115%2C20%2C30%2C50%2C89%2C131%2C29%2C182%2C153%2C259%2C199%2C143%2C185%2C178%2C87%2C111%2C68%2C100%2C45%2C39%2C98%2C99%2C104%2C49%2C14%2C106%2C97%2C56%2C41%2C93%2C44%2C47%2C0%2C81%2C134%2C1%2C103%2C11%2C101%2C9%2C48%2C76%2C54%2C125%2C57%2C95%2C72%2C71%2C43%2C116%2C70%2C67%2C61%2C94%2C86%2C35%2C117%2C32%2C88%2C10%2C137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-aDBT3GqU' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-expose-headers
X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7540722706980250720&cpp=C3&cv=1026113219&st=1755711321182"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
observe-browsing-topics
?1
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods
OPTIONS
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
vary
Origin, Accept-Encoding
x-fb-debug
p3x/QKHIkiMWkTAo58FSKHVwtVE7OOqRCwAPc2Ep7aBQEQv1ziHlWbrLwuCC2UqApwost/atewjTzBK/7rajnA==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7540722706980250720&cpp=C3&cv=1026113219&st=1755711321182", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-aDBT3GqU' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5000, tp=10, tpl=0, uplat=117, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
same-origin
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
353383474514703
connect.facebook.net/signals/config/ 		51 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/353383474514703?v=2.9.225&r=stable&domain=telegrafi.com&hme=3d54ce6fd3d1c49c2c5a1c077deeae25962d09eced833b49457e6337402d21c8&ex_m=84%2C145%2C126%2C18%2C119%2C59%2C40%2C120%2C65%2C58%2C133%2C73%2C13%2C83%2C26%2C114%2C105%2C63%2C66%2C113%2C130%2C92%2C135%2C7%2C3%2C4%2C6%2C5%2C2%2C74%2C82%2C136%2C210%2C157%2C53%2C215%2C212%2C213%2C46%2C172%2C25%2C62%2C219%2C218%2C160%2C28%2C52%2C8%2C55%2C78%2C79%2C80%2C85%2C109%2C27%2C24%2C112%2C108%2C107%2C127%2C64%2C129%2C128%2C42%2C110%2C51%2C102%2C12%2C132%2C37%2C201%2C203%2C167%2C21%2C22%2C23%2C15%2C16%2C36%2C33%2C34%2C69%2C75%2C77%2C90%2C118%2C121%2C38%2C91%2C19%2C17%2C96%2C60%2C31%2C123%2C122%2C124%2C115%2C20%2C30%2C50%2C89%2C131%2C29%2C182%2C153%2C259%2C199%2C143%2C185%2C178%2C87%2C111%2C68%2C100%2C45%2C39%2C98%2C99%2C104%2C49%2C14%2C106%2C97%2C56%2C41%2C93%2C44%2C47%2C0%2C81%2C134%2C1%2C103%2C11%2C101%2C9%2C48%2C76%2C54%2C125%2C57%2C95%2C72%2C71%2C43%2C116%2C70%2C67%2C61%2C94%2C86%2C35%2C117%2C32%2C88%2C10%2C137%2C225%2C224%2C226%2C231%2C232%2C233%2C229%2C221%2C159%2C197%2C220%2C222%2C261%2C200%2C146%2C190%2C174%2C155%2C258%2C140%2C163%2C147%2C180%2C154%2C211%2C138%2C168%2C188
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
1edb3945e1b23e9e0952a4edf9542fee4f7e0242c9d7159189c8c87a7d75c3c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-aDmGZb5h' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src 'nonce-aDmGZb5h' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=75, mss=1232, tbw=111083, tp=105, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
7FqJfIL/dXWXInTN7dEsRghVKhtA8CNfpUiIDgKXNxPXxUGa8JI6JpUPqBXnk9XCwfSte7db/B50HB9fZ/pwEQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
content-length
6467
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260833360772983&ev=PageView&dl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&rl=&if=false&ts=1755711321104&sw=1600&sh=1200&v=2.9.225&r=stable&ec=0&o=4126&fbp=fb.1.1755711321104.625737247631061289&ler=empty&cdl=API_unavailable&pmd[title]=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&plt=1994.7000007629395&it=1755711320920&coo=false&rqm=GET
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4722, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=260833360772983&ev=PageView&dl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&rl=&if=false&ts=1755711321104&sw=1600&sh=1200&v=2.9.225&r=stable&ec=0&o=4126&fbp=fb.1.1755711321104.625737247631061289&ler=empty&cdl=API_unavailable&pmd[title]=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&plt=1994.7000007629395&it=1755711320920&coo=false&rqm=FGET
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-dOuXqZcD' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7540722706972868117&cpp=C3&cv=1026113219&st=1755711321182"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Pr3JHlqYG5riS6c94NmIq6wLLsvcNwyMWx2+MZZ5qUWLEzvPRGlDjGG1OhfgHHMh4Hl3bJNfTGtam+uyjooqVA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7540722706972868117&cpp=C3&cv=1026113219&st=1755711321182", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-dOuXqZcD' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=24, mss=1232, tbw=5440, tp=15, tpl=0, uplat=151, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection
0
origin-agent-cluster
?1
63727452-be23-4256-8c50-238871b98dd8
https://telegrafi.com/ Frame 2BDB 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://telegrafi.com/63727452-be23-4256-8c50-238871b98dd8
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202508181115/wrap.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
68b9bb412c017f2502858d6a1c5ae0e6d991dface900eed257fa12abfe983a8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
application/javascript
Content-Length
2980
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=220167648175857&input_token&origin=1&redirect_uri=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f4131659c3fd5809a52d085553f9a3e7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-expose-headers
fb-s
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7540722706096494693&cpp=C3&cv=1026113219&st=1755711321230"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/plain; charset=UTF-8
x-fb-debug
bQ/oP/uHqi0P/dgBXaWogv2xTyMp1NaF7uICJBuIIHNPihgVkmWpJfBkzkH8P8/r0ezT78PF7bgtFPOk1L8UPQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=1,i
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7540722706096494693&cpp=C3&cv=1026113219&st=1755711321230", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control
private, no-cache, no-store, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=26, mss=1232, tbw=8624, tp=18, tpl=0, uplat=116, ullat=0
pragma
no-cache
fb-s
unknown
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
https://telegrafi.com
content-length
0
origin-agent-cluster
?1
admin-ajax.php
telegrafi.com/en/wp-admin/ 		1 B
510 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/en/wp-admin/admin-ajax.php?action=ai_ajax&ip-data=ip-address-country-city
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

x-robots-tag
noindex
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=kjj%2Bv6tMEiULJm1dvDIyO2P6DHCJcwnh9pXPQgkNxn1VTsE2t5kTT6kMz%2FK%2BUVa5Rv%2Fn0r1DQh%2BdqtDnyOE9FVKi8AaCitsgSAyOu1E%3D"}]}
expires
Wed, 11 Jan 1984 05:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/html; charset=utf-8
vary
Origin
cache-control
no-cache, must-revalidate, max-age=0
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-gt-cache-status
BYPASS
access-control-allow-credentials
true
cf-ray
9723a58d5f16d398-FRA
x-gt-server
tigr
access-control-allow-origin
https://telegrafi.com
content-language
en
server
cloudflare
/
disqus.com/embed/comments/ Frame 23DD 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default
Requested by
Host: telegraficom.disqus.com
URL: https://telegraficom.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c716d5eee8445d5369bb364c08538d0fd17b79d96c7236fe13f60a650e539a3e
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com https://cdn.bonbon.tech https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ c.disquscdn.com https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3088
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com https://cdn.bonbon.tech https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ c.disquscdn.com https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 20 Aug 2025 17:35:21 GMT
ETag
W/"lounge:view:10598603918.34d1656184a369f9aa9c3cf841920505.2"
Last-Modified
Sat, 09 Aug 2025 11:51:30 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
prebid9.35-v4.js
tags.refinery89.com/prebid/ 		510 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.refinery89.com/prebid/prebid9.35-v4.js
Requested by
Host: geotags.refinery89.com
URL: https://geotags.refinery89.com/telegraficom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-42.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e41cbb85d5d71e22ddbd25da4e75c0c44b28a95f85cd029709590a567a29e792

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

x-amz-cf-pop
FRA6-C1
cache-control
max-age=31536000, public
content-encoding
br
etag
W/"c013b804b59062e2c33bf7f0296c3f5f"
age
81934
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
5IdeY6wLiY3MOnfhy4D8vHZFQZ4hLVRes2miqNj_Aij4euvBC_5W8w==
date
Tue, 19 Aug 2025 18:49:48 GMT
content-type
application/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Mon, 11 Aug 2025 06:41:50 GMT
x-amz-server-side-encryption
AES256
3212.js
tags.refinery89.com/performance/ 		674 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.refinery89.com/performance/3212.js
Requested by
Host: geotags.refinery89.com
URL: https://geotags.refinery89.com/telegraficom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-42.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9f02bbb505c288a6f4119c6a23bef211ac5973a7e4b8d1c8ed92c6bfd5a81fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

vary
accept-encoding
cache-control
max-age=21600, public
etag
"18d57e15f7abb9dc341a5b1fe39b3c2e"
age
11027
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
674
x-amz-cf-id
CZAmQebPdQjMoVJyBjr9w9QVVAtdWzj3xtaxCNuHp0TIXGfVvhxmUw==
date
Wed, 20 Aug 2025 14:31:35 GMT
content-type
text/javascript
last-modified
Wed, 20 Aug 2025 08:30:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
ad
a.teads.tv/page/204890/ 		607 B
763 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/204890/ad?windowWidth=1600&windowHeight=1200&screenOrientation=landscape-primary&historyLength=2&hardwareConcurrency=32&deviceMemory=8&networkQuality=4g&domComplexity=1546&windowDepth=1&windowReferrerUrl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&autoplay=true&formatVersion=1482&env=js-web&netBw=10&ttfb=1179
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.9.182 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-9-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f228c8c09edcad985c495ccdb4b393df948dce63d4050feb042ccdeabedb2395

Request headers

Referer
https://telegrafi.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Accept
application/json; charset=UTF-8
Content-Type
text/plain;charset=UTF-8

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Wed, 20 Aug 2025 17:35:21 GMT
access-control-allow-origin
https://telegrafi.com
content-length
404
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/json
vary
Accept-Encoding
dsp.aspx
ads.futureads.io/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=5228577486298827&cpv=a6e2605d-95ca-4f6d-6a6a-1ab209d5ffec&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=0bb275cd-9cc2-49af-9ca8-79107e32817c&cntoid=&data=%7B%22id%22%3A%227c667a40-9444-b05e-e94c-740259a5ec49%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252Fen%252FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F138.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2200c26b60-8e79-7dae-393f-2f6f0d8c9f75%22%2C%22tagid%22%3A%221748d37f-c0ef-4e63-94a4-1c4536009fcd%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_1748d37fc0ef4e6394a41c4536009fcd_zone_103963_sect_47407_site_31670%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
b92c0ecb51f1feddff076d7404a107d017a90456e30da1975fca73c2c4ec26d8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
content-encoding
gzip
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
3994
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
server
nginx
collect
www.google-analytics.com/j/ 		3 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j102&a=1586453995&t=pageview&_s=1&dl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&ul=de-de&dt=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&sr=1600x1200&vp=1600x1200&_u=KGBAAEADQAAAACAAI~&jid=1539883174&gjid=486359&cid=652032174.1755711321&tid=UA-2976507-1&_gid=234374626.1755711321&_r=1&_slc=1&cd1=magazina&cd2=1725&cd3=P%C3%ABrkthim&z=969037078
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://telegrafi.com/

Response headers

report-to
{"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:21 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://telegrafi.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:175:0
content-length
3
server
Golfe2
AGSKWxWpX8qUy9k5UhWW9WX2FJs-Rbl4ggL_UIv8U7nvPEIF4Xyf_99I9e1XnOn_i-SitguisIKluqQMPxkDGroei722Yb_iyE_IUnikkILor8EcqbdIjjBnpkUWWGn2fdaNLfXWgWSJRA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWpX8qUy9k5UhWW9WX2FJs-Rbl4ggL_UIv8U7nvPEIF4Xyf_99I9e1XnOn_i-SitguisIKluqQMPxkDGroei722Yb_iyE_IUnikkILor8EcqbdIjjBnpkUWWGn2fdaNLfXWgWSJRA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rg-TURO8Dbw.es5.O/d=1/rs=AJlcJMyQ6hRe_LhHs1OWrLcWnArZPFORpQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AkkSnCca_f7XEu8dBUWONA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://telegrafi.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15Bi-FB_mfUHEJv53Wa1A2LJ17dZFYG42t2LrRmIhXg4bvbNOMomsKPvdQujkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDI1sDC01DMwiy8wAABEqC1J"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AkkSnCca_f7XEu8dBUWONA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://telegrafi.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVyVSeyMxuo2Z2wjBS8CMIhQZ2L6F8TH0bvgs5AK-_JC2YlwWbKqDymBInjkG5OR4z8mdQVSf_CU9ghyEQJyc23IY2AO47dGT7QwpctYbK_DCzkVRmseBrVHdDXxi6ltMOCG197-Q==
fundingchoicesmessages.google.com/f/ 		1 MB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVyVSeyMxuo2Z2wjBS8CMIhQZ2L6F8TH0bvgs5AK-_JC2YlwWbKqDymBInjkG5OR4z8mdQVSf_CU9ghyEQJyc23IY2AO47dGT7QwpctYbK_DCzkVRmseBrVHdDXxi6ltMOCG197-Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzU1NzExMzIxLDI2MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90ZWxlZ3JhZmkuY29tL2VuL0phbWVzLXZhbi1kZXItQmVlay1zcGVha3Mtb3V0LWFib3V0LWhpcy1jb2xvbi1jYW5jZXItYmF0dGxlLUl0LWFsbC1zdGFydGVkLXdpdGgtYS1zdWJ0bGUtc3ltcHRvbS8iLG51bGwsW1s4LCJyZy1UVVJPOERidyJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjksImZhbHNlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.rg-TURO8Dbw.es5.O/d=1/rs=AJlcJMyQ6hRe_LhHs1OWrLcWnArZPFORpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
8d58ae3fa80925fa623fd5320afa7963900dbcd9655de4844e5a2a3b2b766288
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZeXJXpNyl8QuuqWMSF5Uyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0JBiaL15jnUyEBsqXGK1B-IP9ZdZfwBxkcQV1gYg_lR1g1Wg-gZrEvtN1gIgXrPxFutmIDbzu81qB8SSr2-zKgJx-pS7rHlAzLn2LqsAEFe7e7E1A7EQD8fNvhlH2QQefJ9wjVFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDI1MDC0ELPwCC-wAAAQao-oA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZeXJXpNyl8QuuqWMSF5Uyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
cntdata.aspx
inv-nets-eu.admixer.net/ 		48 B
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets-eu.admixer.net/cntdata.aspx?query=visitorid&containeroid=4b653e90-855d-4c2b-996b-07d381c48dff&referrer=&pageurl=https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/&fpamuid=0bb275cd-9cc2-49af-9ca8-79107e32817c&pvoid=5445ae29-f294-4def-8a81-39ddac749ac7
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.133 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.133.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
f9ff19cba515f19b390f0e19ab1612a2c2fc954fab1524a6b9907a67a590cf18
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-allow-origin
https://telegrafi.com
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
application/javascript
server
nginx
access-control-allow-credentials
true
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GGFDBX585G&gtm=45je58j0h1v881389386z89180397921za200zb9180397921zd9180397921&_p=1755711320852&gcs=G10-&gcd=13m3lPm2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10_5b&tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~105102052&cid=652032174.1755711321&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1755711321&sct=1&seg=0&dl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&dt=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&en=page_view&_fv=1&_ss=1&tfd=2267
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&cx=c&gtm=45He58j0h1v9180397921za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to
{"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://telegrafi.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:102:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-32SPFKJ85B&gtm=45je58j0h1v9181380719z89180397921za200zb9180397921zd9180397921&_p=1755711320852&gcs=G10-&gcd=13m3l3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10_5b&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~105399918~105399920&cid=652032174.1755711321&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1755711321&sct=1&seg=0&dl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&dt=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&en=page_view&_fv=1&_ss=1&tfd=2305
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-32SPFKJ85B&cx=c&gtm=45He58j0h1v9180397921za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to
{"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://telegrafi.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:102:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/plain
server
Golfe2
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=353383474514703&ev=PageView&dl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&rl=&if=false&ts=1755711321366&sw=1600&sh=1200&v=2.9.225&r=stable&ec=0&o=4126&fbp=fb.1.1755711321104.625737247631061289&ler=empty&cdl=API_unavailable&pmd[title]=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&plt=1994.7000007629395&cs_est=true&it=1755711320920&coo=false&rqm=GET
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=27, mss=1232, tbw=9776, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=353383474514703&ev=PageView&dl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&rl=&if=false&ts=1755711321366&sw=1600&sh=1200&v=2.9.225&r=stable&ec=0&o=4126&fbp=fb.1.1755711321104.625737247631061289&ler=empty&cdl=API_unavailable&pmd[title]=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&plt=1994.7000007629395&cs_est=true&it=1755711320920&coo=false&rqm=FGET
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-LhXBK2GH' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7540722706732006499&cpp=C3&cv=1026113219&st=1755711321443"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
zkW5yvcy/LQDg3BAU0MDx85lHMYNyTmRUo/UacyvLzid11XvMk4hloiFKzvYZ3vbzRj0j71oi9bRW9pxwoiPrA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7540722706732006499&cpp=C3&cv=1026113219&st=1755711321443", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 127.0.0.1:* 'nonce-LhXBK2GH' blob: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=27, mss=1232, tbw=10016, tp=25, tpl=0, uplat=136, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection
0
origin-agent-cluster
?1
collect
n.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: scripts.clarity.ms
URL: https://scripts.clarity.ms/0.8.25/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://telegrafi.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://telegrafi.com
Date
Wed, 20 Aug 2025 17:35:21 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
0d11748832caddd96690.b.js
cdn.admixer.net/scripts3/92978/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/0d11748832caddd96690.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300c2-702f"
age
198141
traceparent
00-cede8f06e82d420fdc363d809c7469e1-5ee1533b9e282eec-01
expires
Wed, 19 Aug 2026 10:33:00 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:26 GMT
server
nginx
x-cached-since
2025-08-18T10:33:00+00:00
vary
Accept-Encoding
658a385fec78f0e1897f.b.js
cdn.admixer.net/scripts3/92978/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/658a385fec78f0e1897f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300c9-a793"
age
198141
traceparent
00-6b2115f4587dec79a6129d73e2f22567-4fa9503280b09853-01
expires
Wed, 19 Aug 2026 10:33:00 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:33 GMT
server
nginx
x-cached-since
2025-08-18T10:33:00+00:00
vary
Accept-Encoding
8b73097df909af36f72d.b.js
cdn.admixer.net/scripts3/92978/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/8b73097df909af36f72d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300cc-326c"
age
198141
traceparent
00-4039710a6fe110beedc8c46f8f6bf215-fd1a3ea76a31f7d3-01
expires
Wed, 19 Aug 2026 10:33:00 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:36 GMT
server
nginx
x-cached-since
2025-08-18T10:33:00+00:00
vary
Accept-Encoding
868bf3715e8c82496e94.b.js
cdn.admixer.net/scripts3/92978/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/868bf3715e8c82496e94.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
27e847108969b0bde29a39b7c686d806dcd8d985ecec56da93d21d905f9d1bc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300cc-2a79"
age
198141
traceparent
00-32d323d398f2c6820b2f3e972cf4585f-01409ce156155948-01
expires
Wed, 19 Aug 2026 10:33:00 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:36 GMT
server
nginx
x-cached-since
2025-08-18T10:33:00+00:00
vary
Accept-Encoding
a1555586fe4acb8db978.b.js
cdn.admixer.net/scripts3/92978/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/a1555586fe4acb8db978.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
4e39a2ddd0f2c8384eeeaf9661f4bd840c5c358d8c37a28ac5196679b2679f68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300ce-380eb"
age
152681
traceparent
00-d10c82bcd220cdaa9e6feeee942cd249-5825947f49ce7e4a-01
expires
Wed, 19 Aug 2026 23:10:40 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:38 GMT
server
nginx
x-cached-since
2025-08-18T23:10:40+00:00
vary
Accept-Encoding
786defbc5f2dbc35
ads.us.e-planning.net/uspd/1/ Frame D2DC
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.futureads.io
URL: https://ads.futureads.io/dsp.aspx?sender=futureads&rct=4&v=2.0&rnd=5228577486298827&cpv=a6e2605d-95ca-4f6d-6a6a-1ab209d5ffec&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=0bb275cd-9cc2-49af-9ca8-79107e32817c&cntoid=&data=%7B%22id%22%3A%227c667a40-9444-b05e-e94c-740259a5ec49%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252Fen%252FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F138.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2200c26b60-8e79-7dae-393f-2f6f0d8c9f75%22%2C%22tagid%22%3A%221748d37f-c0ef-4e63-94a4-1c4536009fcd%22%2C%22ext%22%3A%7B%22ph%22%3A%22futureads_1748d37fc0ef4e6394a41c4536009fcd_zone_103963_sect_47407_site_31670%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22futureads%22%7D%5D%2C%22allimps%22%3A1%7D&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
46e33343abafacdc8435b91312744db16da3bf2a8e49f0310034ee32bf54cb6b

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
expires
Wed, 20 Aug 2025 17:35:21 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Wed, 20 Aug 2025 17:35:21 GMT
location
/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
occ
ups.analytics.yahoo.com/ups/58613/ 		0
0
match
dm-eu.hybrid.ai/ 		0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-eu.hybrid.ai/match?id=128&vid=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
expires
-1
access-control-allow-origin
https://telegrafi.com
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode
5039
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
1; mode=block
server
Hybrid Web Server
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync-service.net/ssp?token=QW2e7t5kKis0&pl=community
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=7148526deb900116458d419392a4e236
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=7148526deb900116458d419392a4e236
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/gif
server
nginx

Redirect headers

Location
https://inv-nets.admixer.net/adxcm.aspx?ssp=8425F734-678E-4445-9565-CA263C4C872F&id=7148526deb900116458d419392a4e236
Content-Length
0
Date
Wed, 20 Aug 2025 17:35:21 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
pixel
cm.g.doubleclick.net/ 		170 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm&gdpr=&gdpr_consent=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
cookie
cm.adform.net/ 		35 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D66d39a21-69dc-4000-8ee6-093fb8ba95a2%26id%3D%24UID
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
pixel
cm.g.doubleclick.net/ 		170 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M=&google_cm&gdpr=&gdpr_consent=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.97 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cs.admanmedia.com/0a28772f54bab302b4cd3d4ab3d49473.gif?puid=0bb275cd9cc249af9ca879107e32817c&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D41783197-9E0A-46F4-B576-C7B3694019...
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=41783197-9E0A-46F4-B576-C7B369401968&id=4d97de37-578d-491d-95b9-7749ed970ef4
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
35 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive

Redirect headers

keep-alive
timeout=25
location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
server
nginx
pixel
cm.g.doubleclick.net/ 		170 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M=&google_cm&gdpr=&gdpr_consent=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1210625&dpuuid=0bb275cd9cc249af9ca879107e32817c
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=0bb275cd9cc249af9ca879107e32817c
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Server
18.202.121.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-121-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v078-07b9b997b.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
NTBCJkw6TfM=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1210625&dpuuid=0bb275cd9cc249af9ca879107e32817c
dcs
dcs-prod-irl1-1-v078-0098c1d05.edge-irl1.demdex.com 0 ms
pragma
no-cache
x-tid
0SoCntjwQhA=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Wed, 20 Aug 2025 17:35:21 GMT
cookie
cm.adform.net/ 		35 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D512314CD-BFD7-44B7-86B8-F2BB66C4795E%26id%3D%24UID
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
bf9ce15acae6a411e6b220198588be2c.gif
cm-x.mgid.com/ 		0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-x.mgid.com/bf9ce15acae6a411e6b220198588be2c.gif?puid=0bb275cd9cc249af9ca879107e32817c&redir=[RED]&gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA]
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.161 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
0
Access-Control-Allow-Origin
*
Keep-Alive
timeout=5
Date
Wed, 20 Aug 2025 17:35:21 GMT
/
s-cs.rmp.rakuten.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-cs.rmp.rakuten.com/?d=40&uid=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.81.95.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Wed, 20 Aug 2025 17:35:21 GMT
x-envoy-upstream-service-time
3
content-type
image/gif
server
istio-envoy
cookie
cm.adform.net/ 		35 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fads.smn.rs%2Fadxcm.aspx%3Fssp%3D66d39a21-69dc-4000-8ee6-093fb8ba95a2%26id%3D%24UID
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1&rts=8301964199271106349
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=29997d2f-c4b7-52e8-bc29-19cbd48f1e92
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=29997d2f-c4b7-52e8-bc29-19cbd48f1e92
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/gif
server
nginx

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=29997d2f-c4b7-52e8-bc29-19cbd48f1e92
content-length
0
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
pixel
ap.lijit.com/ 		0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.66.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-66-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:21 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
pixel
cm.g.doubleclick.net/ 		170 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M=&google_cm&gdpr=&gdpr_consent=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		9 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=0bb275cd9cc249af9ca879107e32817c&redir=[RED]
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
text/plain
Server
nginx/1.24.0
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://cs.krushmedia.com/da8470a7dda716277c26e6b5a3905b8c.gif?puid=0bb275cd9cc249af9ca879107e32817c&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE2686680-B13A-4730-B79A-59A7FC223B...
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=E2686680-B13A-4730-B79A-59A7FC223B45&id=14db766d-08ae-5533-b147-c6a69643cc03
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=E2686680-B13A-4730-B79A-59A7FC223B45&id=14db766d-08ae-5533-b147-c6a69643cc03
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:23 GMT
x-xss-protection
0
content-type
image/gif
server
nginx

Redirect headers

expires
0
cache-control
no-cache, no-store, must-revalidate
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=E2686680-B13A-4730-B79A-59A7FC223B45&id=14db766d-08ae-5533-b147-c6a69643cc03
content-length
0
date
Wed, 20 Aug 2025 17:35:23 GMT
pragma
no-cache
server
nginx
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://csync.loopme.me/?pubid=11488&gdpr=&gdpr_consent=[gdpr_consent_109]&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DC4729463-E4FF-4B3E-AAA2-487038DEBF16%26id%3D{viewer_token}
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C4729463-E4FF-4B3E-AAA2-487038DEBF16&id=681f584d-be26-486f-ab37-c1a56b5894b6&gdpr_consent=[gdpr_consent_109]&gdpr=null
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C4729463-E4FF-4B3E-AAA2-487038DEBF16&id=681f584d-be26-486f-ab37-c1a56b5894b6&gdpr_consent=[gdpr_consent_109]&gdpr=null
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/gif
server
nginx

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C4729463-E4FF-4B3E-AAA2-487038DEBF16&id=681f584d-be26-486f-ab37-c1a56b5894b6&gdpr_consent=[gdpr_consent_109]&gdpr=null
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
server
_
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.97 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
text/plain
Server
nginx
Connection
keep-alive
sync
t.adx.opera.com/ 		35 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 Amsterdam, Netherlands, ASN39832 (NO-OPERA Opera Norway AS, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
35
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/gif
Access-Control-Allow-Headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
usermatchredir
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Server
104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AkezDYkAsUpD87eDJ1nhlI4efBtXo0Nbb7FLeex4T%2F1%2BVOL%2BPNLOVozGwQRoQyZZj1d395eRsfNjJn%2Bt25MSKeQ3hJFMyKql76ZGOvCYbVkzI0kSTOfnQDfwKwuky7FpgaSICtiU2DBHLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
9723a591df7ea034-FRA
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFCNzFo6OUbFJaefwM3Uc%2FzEKLLyGCXuhRcMSgT6CQRzhB1dkqEI0B0fyvlAFlWn8dOyEB5pbt0epDI3%2B6Bd1i5jfhvHQScUDxKTheseanyrduB8d9x1KzhC2%2BJJvfM4MMX9ROp1IcCD0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
9723a5917f3ea034-FRA
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Wed, 20 Aug 2025 17:35:21 GMT
vary
Accept-Encoding
server
cloudflare
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
date
Wed, 20 Aug 2025 17:35:21 GMT, Wed, 20 Aug 2025 17:35:21 GMT
pragma
no-cache
content-type
image/gif
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT, Wed, 20 Aug 2025 17:35:21 GMT
vary
Accept-Encoding
sync.html
s.console.adtarget.com.tr/ 		0
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D17669FAA-B4BA-4D29-A46F-9415F4FCBD4F%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=237d3c6a-756c-4579-afe0-06d4e0dc2878
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=237d3c6a-756c-4579-afe0-06d4e0dc2878
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/gif
server
nginx

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=17669FAA-B4BA-4D29-A46F-9415F4FCBD4F&id=237d3c6a-756c-4579-afe0-06d4e0dc2878
pragma
no-cache
expires
Wed, 11 Nov 1998 11:11:11 GMT
content-length
190
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
last-modified
Wed, 20 Aug 2025 17:35:21 GMT
server
nginx
match
a4p.adpartner.pro/ssp/ 		0
0
dmpapxl.aspx
inv-nets-eu.admixer.net/ 		43 B
293 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://inv-nets-eu.admixer.net/dmpapxl.aspx?cntoid=4b653e90-855d-4c2b-996b-07d381c48dff&pvOId=5445ae29-f294-4def-8a81-39ddac749ac7&referrer=&page=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&fp_am_uid=0bb275cd-9cc2-49af-9ca8-79107e32817c&bot=%7B%22bot%22%3Afalse%7D&userid=&siteuserid=
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.133 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.133.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

expires
Wed, 21 Oct 2015 07:28:00 GMT
cache-control
no-store
p3p
CP="NID DSP ALL COR"
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
server
nginx
dmpapxl.aspx
ads.futureads.io/ 		43 B
295 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpapxl.aspx?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&pvOId=5445ae29-f294-4def-8a81-39ddac749ac7&referrer=&page=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&fp_am_uid=0bb275cd-9cc2-49af-9ca8-79107e32817c&bot=%7B%22bot%22%3Afalse%7D&userid=&userid=&siteuserid=
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

expires
Wed, 21 Oct 2015 07:28:00 GMT
cache-control
no-store
p3p
CP="NID DSP ALL COR"
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
server
nginx
track
t.teads.tv/ 		23 B
104 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&pageId=204890&pid=221143&su_int=classic&fv=1482&ts=1755711321079&f=1&referer=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&auctid=76ef7c25-6378-43d4-90fe-255002d13dff
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.65.182 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-65-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
private, max-age=3666
content-length
23
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
track
t.teads.tv/ 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&pageId=204890&pid=221143&su_int=classic&slot=polymorph&fv=1482&ts=1755711321083&f=1&referer=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&auctid=76ef7c25-6378-43d4-90fe-255002d13dff
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.65.182 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-65-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
iframe
sync.teads.tv/ Frame 982D 		153 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=221143&gdprIab=%7B%22type%22%3A%22AddEventListener%22%2C%22consent%22%3A%22CQWcqAAQWcqAAA_AFAENB4FgAAAAAAAAAAAAAAAAAAAA.YAAAAAAAAAAA%22%2C%22reason%22%3A121%2C%22status%22%3A12%2C%22apiVersion%22%3A2%2C%22cmpId%22%3A63%7D&fromFormat=true&env=js-web&auctid=76ef7c25-6378-43d4-90fe-255002d13dff&vid=00000000-0000-0000-0000-000000000001&1755711321404=
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
pekko-http/1.1.0 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store
content-length
153
content-type
text/html; charset=UTF-8
date
Wed, 20 Aug 2025 17:35:21 GMT
server
pekko-http/1.1.0
traffic-path
DUBDC2, FRA, Europe
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-check-cacheable
NO
x-served-by
cache-fra-eddf8230166-FRA
x-timer
S1755711321.450554,VS0,VE32
x-user-geo
EU-WEST-1
track
t.teads.tv/ 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=76ef7c25-6378-43d4-90fe-255002d13dff&pageId=204890&pid=221143&su_int=classic&slot=polymorph&vid=00000000-0000-0000-0000-000000000001&fv=1482&ts=1755711321405&f=1&referer=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.65.182 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-65-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
c.html
cdn.admixer.net/scripts3/92978/ Frame 6231 		738 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/c.html?b=92978
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

age
198144
cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 20 Aug 2025 17:35:20 GMT
etag
W/"68a300d0-2e2"
expires
Wed, 19 Aug 2026 10:32:56 GMT
last-modified
Mon, 18 Aug 2025 10:30:40 GMT
server
nginx
traceparent
00-b78f677477d074fc6a2180d340886f14-e7e96f4041831e83-01
vary
Accept-Encoding
x-cached-since
2025-08-18T10:32:56+00:00
x-id
fr5-hw-edge-gc8
x-id-fe
fr5-hw-edge-gc8
cntcm.aspx
ads.futureads.io/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/cntcm.aspx?pvOId=5445ae29-f294-4def-8a81-39ddac749ac7&ssp=6125A101-7F5D-4FF5-8F0C-B946410E49CC&cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&fp_am_uid=0bb275cd-9cc2-49af-9ca8-79107e32817c&userid=095df0869311439db9480de4a1505290
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers
dmpapxl.aspx
ads.futureads.io/ 		43 B
295 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dmpapxl.aspx?cntoid=2cf8f785-be88-4b95-9c42-2572462cb580&pvOId=5445ae29-f294-4def-8a81-39ddac749ac7&referrer=&page=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&fp_am_uid=0bb275cd-9cc2-49af-9ca8-79107e32817c&bot=%7B%22bot%22%3Afalse%7D&userid=095df0869311439db9480de4a1505290&userid=&siteuserid=
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/analytics/tag-manager.js?m=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

expires
Wed, 21 Oct 2015 07:28:00 GMT
cache-control
no-store
p3p
CP="NID DSP ALL COR"
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
server
nginx
mobsync
inv-nets.admixer.net/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/mobsync?uid=0bb275cd9cc249af9ca879107e32817c&idfa=
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-allow-origin
*
content-length
0
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:21 GMT
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
nginx
access-control-allow-credentials
true
dmpm.aspx
adsv.net/adsv/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adsv.net/adsv/dmpm.aspx
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.235.184.171 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
server
nginx
/
pixel.onaudience.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=205&mapped=0bb275cd9cc249af9ca879107e32817c&noredirect=1
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
37.187.82.222 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3254119.ip-37-187-82.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-type
image/gif
content-length
35
95264
tags.bluekai.com/site/ 		0
0
admxr.php
www.top.ge/api/ 		95 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.top.ge/api/admxr.php?am_uid=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.93.89.87 Tbilisi, Georgia, ASN57814 (Cloud9 Cloud 9 Ltd., GE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
server
nginx/1.10.3
786defbc5f2dbc35
ads.us.e-planning.net/uspd/1/ 		0
0
ev_view.aspx
ads.futureads.io/ 		43 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.futureads.io/ev_view.aspx?cc=DE%2FBE%2F2950159&am-uid=0bb275cd9cc249af9ca879107e32817c&zone=1748D37F-C0EF-4E63-94A4-1C4536009FCD&device=25&rule=599FDFD3-077B-4288-B3CD-1DE9DAF36C4B&requestId=6f16de56-5c53-46ab-add0-f76b3ededa94&hp=60801471&page=telegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&segments=7132%2C7151%2C1&ts=638913081212456343&ap=MA%3D%3D&asign=-20163730&sync=125%2C126%2C88%2C96%2C3%2C80&bt=3&carr=M247+Europe&connt=1&devt=2&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F138.0.0.0+Safari%2F537.36&isapp=0&os=Linux&adtype=0&extpubid=4D8BA46E-AAF8-4606-9B52-4016F6473A9F&inst=ADS-HETZ-3&pxl=0&pvid=a1caeffe-8347-476a-b583-398b5f95a8a9&ip=193.29.106.19&item=86D55F86-B3AD-4627-92D4-6DDEA341BACD&crid=86D55F86-B3AD-4627-92D4-6DDEA341BACD&size=300x250&profile=599FDFD3-077B-4288-B3CD-1DE9DAF36C4B&isopt=0&adv=jobs&dsp=Local&dmp_pr=MA%3D%3D&dstUrl=&schain=%2C0%21futureads.net%2C4d8ba46e-aaf8-4606-9b52-4016f6473a9f%2C0%2C%2C%2C&cet=4&sw=1600&sh=1200&sf=0
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/gif
server
nginx
loader2.js
cdn.admixer.net/scripts3/ Frame 9D35 		178 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host:
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
788fbc77bce6bd9b0a39d1f51757e2d264e52272c456641af159f68bbdff2046

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=600
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a300bd-2c7b5"
age
190
cross-origin-resource-policy
cross-origin
traceparent
00-9d1a6a357659e08a68b4a70f898124c9-28cea4597b9aba1a-01
expires
Mon, 18 Aug 2025 22:10:22 GMT
date
Wed, 20 Aug 2025 17:35:20 GMT
content-type
application/javascript
last-modified
Mon, 18 Aug 2025 10:30:21 GMT
server
nginx
x-cached-since
2025-08-20T17:32:10+00:00
c.html
cdn.admixer.net/scripts3/92978/ Frame 29F7 		738 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/c.html?b=92978
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

age
198144
cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 20 Aug 2025 17:35:20 GMT
etag
W/"68a300d0-2e2"
expires
Wed, 19 Aug 2026 10:32:56 GMT
last-modified
Mon, 18 Aug 2025 10:30:40 GMT
server
nginx
traceparent
00-b78f677477d074fc6a2180d340886f14-e7e96f4041831e83-01
vary
Accept-Encoding
x-cached-since
2025-08-18T10:32:56+00:00
x-id
fr5-hw-edge-gc8
x-id-fe
fr5-hw-edge-gc8
c.html
cdn.admixer.net/scripts3/92978/ Frame DCAC 		738 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/92978/c.html?b=92978
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

age
198144
cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 20 Aug 2025 17:35:20 GMT
etag
W/"68a300d0-2e2"
expires
Wed, 19 Aug 2026 10:32:56 GMT
last-modified
Mon, 18 Aug 2025 10:30:40 GMT
server
nginx
traceparent
00-b78f677477d074fc6a2180d340886f14-e7e96f4041831e83-01
vary
Accept-Encoding
x-cached-since
2025-08-18T10:32:56+00:00
x-id
fr5-hw-edge-gc8
x-id-fe
fr5-hw-edge-gc8
dsp.aspx
inv-nets.admixer.net/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=telegrafi&rct=4&v=2.0&rnd=6446753584161486&cpv=a6e2605d-95ca-4f6d-6a6a-1ab209d5ffec&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=0bb275cd-9cc2-49af-9ca8-79107e32817c&cntoid=&data=%7B%22id%22%3A%227785f485-d39f-5cac-bd44-7c32060598d1%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252Fen%252FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F138.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b4b53e0-e738-4354-689b-e78957f455b0%22%2C%22tagid%22%3A%22fcb89fa5-2dfe-4834-bd46-8a67bed281c0%22%2C%22ext%22%3A%7B%22ph%22%3A%22telegrafi_async_451328381%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22telegrafi%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%220ef11663-6a52-d466-bc4b-39b1c735ee22%22%2C%22tagid%22%3A%22a0923d53-4bd5-4787-b134-a72bb441a32b%22%2C%22ext%22%3A%7B%22ph%22%3A%22telegrafi_async_1864771998%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22telegrafi%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A2%7D&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
f17e230830e74bf17fa7a6dceff8b5c3fb8040aaf65f00ff29119e8d417e431f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
content-encoding
gzip
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
4379
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
server
nginx
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202508190101/ 		64 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202508190101/gpt
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
6912b382215f9f5e7c6af38b4d6f7e9178873aee20a4a99aef97f3aef7c3854f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
3809978400620396827
age
70385
x-content-type-options
nosniff
expires
Tue, 26 Aug 2025 22:02:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 19 Aug 2025 22:02:16 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23799
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202508190101"
lotame20250702.js
s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/ Frame D2DC 		734 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/lotame20250702.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
2a4d0db8e03350480c98deeef085a02b038f9598f1113908ad6f9f6346d402fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

cache-control
max-age=157680000
content-encoding
gzip
etag
W/"68655c18-2de"
expires
Mon, 19 Aug 2030 17:35:21 GMT
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/x-javascript
last-modified
Wed, 02 Jul 2025 16:19:36 GMT
server
openresty
current
prebid-match.dotomi.com/match/bounce/ Frame D2DC 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D49c2ecf1ff8ee8ac%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.207.16.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS
ams03-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
date
Wed, 20 Aug 2025 17:35:21 GMT
pragma
no-cache
server
nginx
v1
match.sharethrough.com/universal/ Frame D2DC 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.153.64.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-64-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
um
u-ams03.e-planning.net/ Frame D2DC
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26...
  • https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=49c2ecf1ff8ee8ac
0
0
getuid
ib.adnxs.com/ Frame D2DC 		0
0
um
u-ams03.e-planning.net/ Frame D2DC
Redirect Chain
  • https://eu-rtbstack-cm.admixer.net/cm?client=c4527281-5aa5-4c8e-bc53-a80bb3f99470&ssp=89&partnerUserID=[USER_ID]&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%24visitor_cookie%24%24%26...
  • https://u-ams03.e-planning.net/um?uid=0bb275cd9cc249af9ca879107e32817c&dc=9dbc022dd765f529&fi=49c2ecf1ff8ee8ac
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=0bb275cd9cc249af9ca879107e32817c&dc=9dbc022dd765f529&fi=49c2ecf1ff8ee8ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
server
openresty

Redirect headers

access-control-expose-headers
location
location
https://u-ams03.e-planning.net/um?uid=0bb275cd9cc249af9ca879107e32817c&dc=9dbc022dd765f529&fi=49c2ecf1ff8ee8ac
Connection
keep-alive
access-control-allow-credentials
true
Content-Length
0
Keep-Alive
timeout=25
Date
Wed, 20 Aug 2025 17:35:21 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
ad-viewable.js
cdn.admixer.net/m/ Frame 7EE0 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/m/ad-viewable.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
025ca9d5ebe79dc1b7d2efb378e0267be3d8261a964a98b516249ea634b02ba9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a5d6d9-1607"
age
12375
traceparent
00-54c31a1acf08abe651511f079a813e70-e03c67e0ace034e1-01
expires
Fri, 21 Aug 2026 14:09:06 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Wed, 20 Aug 2025 14:08:25 GMT
server
nginx
x-cached-since
2025-08-20T14:09:06+00:00
vary
Accept-Encoding
ad-events.js
cdn.admixer.net/m/ Frame 7EE0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/m/ad-events.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
9b89a9b74b3f245b7dd66ffaf528d18da8b92337cf009091e5f37cdbfb6adc50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a5d6d8-f85"
age
12371
traceparent
00-9efe1469430c7eb3e973fa58caed1a72-57591bd21ca1e7cf-01
expires
Fri, 21 Aug 2026 14:09:10 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Wed, 20 Aug 2025 14:08:24 GMT
server
nginx
x-cached-since
2025-08-20T14:09:10+00:00
vary
Accept-Encoding
8aff0662-dcf1-4378-86d5-c30ff276e3e5.png
content.admixer.net/test1/2d64ec51-00fd-47ac-a31b-81ee8795feda/ Frame 7EE0 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.admixer.net/test1/2d64ec51-00fd-47ac-a31b-81ee8795feda/8aff0662-dcf1-4378-86d5-c30ff276e3e5.png
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Kyiv, Ukraine, ASN15497 (Colocall 1 Cloud Lab s.r.o., SK),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
cf098f5b724e6fa2b600734bb9e2a7c1a785592d0892b1498321b6c6b4942b3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Cache-Control
max-age=31622400
Access-Control-Expose-Headers
content-range
ETag
"684018dc-172b3"
Connection
keep-alive
cross-origin-resource-policy
cross-origin
Referrer-Policy
no-referrer-when-downgrade
Expires
Fri, 21 Aug 2026 17:35:21 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
94899
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/png
Last-Modified
Wed, 04 Jun 2025 09:58:52 GMT
Server
nginx
sbidderevent-new
sbidder-new-inv-eu.admixer.net/ Frame 7EE0 		43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sbidder-new-inv-eu.admixer.net/sbidderevent-new?et=0&curr=${AUCTION_CURRENCY}&ap=${AUCTION_PRICE}&data=ZXZ2ZXI9MiZwPTMwNjgxMiZhaT02NzIyMTImaWk9NTFkZjk2NGUtOGFlNi00MTY4LTgyNjItZmIyMGRkYWQ1M2NhJmNvdT1ERSZzc3A9NzU1MDgmZG1wcz03MTUxLDEsNzEzMiZ0cz02Mzg5MTMwODEyMTUwOTE3MjAmcmk9YTIxNmEzMzItZWY1Ny00OThkLWJiZTUtMDM3YWM1ZmRhNjhlJmRjPUVVJnBsdD0yNSZuZXRvd25lcj02NzYxMiZ6aT0xMTc0NDEmY25uPTEmY2l0eT1ERS9CRS8yOTUwMTU5JmlkZmE9JmlzcD1NMjQ3IEV1cm9wZSZ1YT1Nb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzguMC4wLjAgU2FmYXJpLzUzNy4zNiZydWxlPTE2OTc4MCZicj0zJm9zPUxpbnV4Jm9zdj0mZHQ9MiZyPURFL0JFJmQ9dGVsZWdyYWZpLmNvbSZjaWQ9JnNpemU9MzAweDI1MCZtYWtlPSZtb2RlbD0mc3I9MTYwMHgxMjAwJnNzcG5ldG93PTY3NjEyJmFzaT10ZWxlZ3JhZmkuY29tJmFzaWlkPTMzJnNpZD0yZTE0NjZkNS1jNWQ1LTQzYjktYWQyZC1iZjNjMTcxN2JkNjkmcHRzPTYzODkxMzE1MzIxNTA5MTcyMCZmaWQ9MCZjYnA9MzAmdGR0ej02Mzg5MTMxNTMyMTUwOTE3MjAmbmV0dHo9NjM4OTEzMTg5MjE1MDkxNzIwJnBmej02MDM2ODc4Jm53aWQ9MjI3JmRzcD03NTU0NCZjbGlkPTgwNzQ5JmNhbXA9OTk0OTMmdGRjcj03NDgmcHJvZGY9MzIzOTkmcHJvZD0xNjc2NiZmb3JtPTU0ODImZW52PTEmc2l0ZT01MDMwNiZzZWN0PTU2NzU4JnRlbXA9MSZjcmVhdD0yMzcyMzUmY3JvaWQ9Mzg3RkFENzQtMTUyMC00NTFBLUJEOTItODQ2MjBDOUMzODcwJmFkX3R5cGU9MSZzc3BuZXQ9MjI3JmlwPTEzNkExREMxJnBmbmV0PTIyNyZwZm93bj02NzYxMiZwZmN1cj0xJnB1Ym5ldD00NTU5NyZzaXRlbmV0PTUzMDk0Jm5ldGNoPTIyNyZuZXRvd25jaD02NzYxMiZzc2lkZT0wJnBmcz0yNjc4MTE1Jmt2dD0wJmV4cD0zMDAmY29tbT0wLjAwMDAwMDAwJmRtcHA9MC4wMDAwMDAwMCZjcnA9MCZjdXJyY2g9U2ltcGxlQmlkZGVyLkFwcGxpY2F0aW9uLkN1cnJlbmN5UmF0ZXMuQ3VycmVuY3lSYXRlK1VzZEN1cnJlbmN5UmF0ZSZ2az0wYmIyNzVjZDljYzI0OWFmOWNhODc5MTA3ZTMyODE3YyZjb21tdD0xJmJmPTAuMDAwMDAwMDAmYWR2Y3I9MSZhZHZjPVVTRCZiaWRjcj0xJmZwPTQuMDAwMCZkbXBtcz0mc3NwY3VycmF0ZT0xJm49YzkxMDliZTUtZDgyYi00NmRkLWJiYTMtMWE0ZmEzZmRiYWQ0JmFkdj1kODNkMzMyNi1iNTgzLTQyNjQtYWZhYS1kNzc1ZGVlYzhiZWQmbmV0Y3VycmF0ZT0xJmVhdWQ9JmJpZGN1cnI9VVNEJmNicGN1cj0xJmNicHByPTAmbmV0Y3VyPVVTRCZjb25mPTAmcG09MCZydT00645df90&evts=1755711321540&rnd=638913081215091720
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.157 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.157.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-allow-origin
*
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
1px-matching-go2net.gif
m.trafmag.com/images/ Frame 7EE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm&gdpr=0&gdpr_consent=&rnd=638913081215091720
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm=&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?gdpr=0&gdpr_consent=&rnd=638913081215091720&google_gid=CAESEAjy6GoRrRwyCwo4g0TxR7Q&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive

Redirect headers

keep-alive
timeout=25
location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
server
nginx
1px-matching-go2net.gif
m.trafmag.com/images/ Frame 7EE0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm&gdpr=0&gdpr_consent=&rnd=638913081215091720
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm=&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_gid=CAESEENi0ksP9ukSkSOny1xkEa8&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive

Redirect headers

keep-alive
timeout=25
location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
server
nginx
1px-matching-go2net.gif
m.trafmag.com/images/ Frame CC37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm&gdpr=0&gdpr_consent=&rnd=638913081215091720
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_mixer&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm=&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?gdpr=0&gdpr_consent=&rnd=638913081215091720&google_gid=CAESEGFt9Dcp8_esEA2PhgqKhNw&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive

Redirect headers

keep-alive
timeout=25
location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
server
nginx
1px-matching-go2net.gif
m.trafmag.com/images/ Frame CC37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm&gdpr=0&gdpr_consent=&rnd=638913081215091720
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MGJiMjc1Y2Q5Y2MyNDlhZjljYTg3OTEwN2UzMjgxN2M&google_cm=&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&gdpr=0&gdpr_consent=&rnd=638913081215091720&google_gid=CAESEBIN_mk_LjSDy01VIJqqVhE&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive

Redirect headers

keep-alive
timeout=25
location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=0bb275cd9cc249af9ca879107e32817c
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
server
nginx
ad-viewable.js
cdn.admixer.net/m/ Frame CC37 		6 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/m/ad-viewable.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
025ca9d5ebe79dc1b7d2efb378e0267be3d8261a964a98b516249ea634b02ba9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a5d6d9-1607"
age
12375
traceparent
00-54c31a1acf08abe651511f079a813e70-e03c67e0ace034e1-01
expires
Fri, 21 Aug 2026 14:09:06 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Wed, 20 Aug 2025 14:08:25 GMT
server
nginx
x-cached-since
2025-08-20T14:09:06+00:00
vary
Accept-Encoding
ad-events.js
cdn.admixer.net/m/ Frame CC37 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/m/ad-events.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software
nginx /
Resource Hash
9b89a9b74b3f245b7dd66ffaf528d18da8b92337cf009091e5f37cdbfb6adc50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache
HIT
x-id-fe
fr5-hw-edge-gc8
cache-control
max-age=31622400
content-encoding
gzip
x-id
fr5-hw-edge-gc8
etag
W/"68a5d6d8-f85"
age
12371
traceparent
00-9efe1469430c7eb3e973fa58caed1a72-57591bd21ca1e7cf-01
expires
Fri, 21 Aug 2026 14:09:10 GMT
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/javascript
last-modified
Wed, 20 Aug 2025 14:08:24 GMT
server
nginx
x-cached-since
2025-08-20T14:09:10+00:00
vary
Accept-Encoding
8aff0662-dcf1-4378-86d5-c30ff276e3e5.png
content.admixer.net/test1/2d64ec51-00fd-47ac-a31b-81ee8795feda/ Frame CC37 		93 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.admixer.net/test1/2d64ec51-00fd-47ac-a31b-81ee8795feda/8aff0662-dcf1-4378-86d5-c30ff276e3e5.png
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Kyiv, Ukraine, ASN15497 (Colocall 1 Cloud Lab s.r.o., SK),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
cf098f5b724e6fa2b600734bb9e2a7c1a785592d0892b1498321b6c6b4942b3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Cache-Control
max-age=31622400
Access-Control-Expose-Headers
content-range
ETag
"684018dc-172b3"
cross-origin-resource-policy
cross-origin
Referrer-Policy
no-referrer-when-downgrade
Expires
Fri, 21 Aug 2026 17:35:21 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
94899
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
image/png
Last-Modified
Wed, 04 Jun 2025 09:58:52 GMT
Server
nginx
sbidderevent-new
sbidder-new-inv-eu.admixer.net/ Frame CC37 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sbidder-new-inv-eu.admixer.net/sbidderevent-new?et=0&curr=${AUCTION_CURRENCY}&ap=${AUCTION_PRICE}&data=ZXZ2ZXI9MiZwPTMwNjgxMiZhaT02NzIyMTImaWk9OGZjYzQ0NGQtNTMzZC00ZGI0LTliMmMtYWJlY2RhMzFkMGMxJmNvdT1ERSZzc3A9NzU1MDgmZG1wcz03MTUxLDEsNzEzMiZ0cz02Mzg5MTMwODEyMTUwOTE3MjAmcmk9YTIxNmEzMzItZWY1Ny00OThkLWJiZTUtMDM3YWM1ZmRhNjhlJmRjPUVVJnBsdD0yNSZuZXRvd25lcj02NzYxMiZ6aT0xMTc0MzkmY25uPTEmY2l0eT1ERS9CRS8yOTUwMTU5JmlkZmE9JmlzcD1NMjQ3IEV1cm9wZSZ1YT1Nb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzguMC4wLjAgU2FmYXJpLzUzNy4zNiZydWxlPTE2OTc3OCZicj0zJm9zPUxpbnV4Jm9zdj0mZHQ9MiZyPURFL0JFJmQ9dGVsZWdyYWZpLmNvbSZjaWQ9JnNpemU9MzAweDI1MCZtYWtlPSZtb2RlbD0mc3I9MTYwMHgxMjAwJnNzcG5ldG93PTY3NjEyJmFzaT10ZWxlZ3JhZmkuY29tJmFzaWlkPTMzJnNpZD0yZTE0NjZkNS1jNWQ1LTQzYjktYWQyZC1iZjNjMTcxN2JkNjkmcHRzPTYzODkxMzE1MzIxNTA5MTcyMCZmaWQ9MCZjYnA9MzAmdGR0ej02Mzg5MTMxNTMyMTUwOTE3MjAmbmV0dHo9NjM4OTEzMTg5MjE1MDkxNzIwJnBmej02MDM2ODc2Jm53aWQ9MjI3JmRzcD03NTU0NCZjbGlkPTgwNzQ5JmNhbXA9OTk0OTMmdGRjcj03NDgmcHJvZGY9MzIzOTkmcHJvZD0xNjc2NiZmb3JtPTU0ODImZW52PTEmc2l0ZT01MDMwNiZzZWN0PTU2NzU4JnRlbXA9MSZjcmVhdD0yMzcyMzUmY3JvaWQ9Mzg3RkFENzQtMTUyMC00NTFBLUJEOTItODQ2MjBDOUMzODcwJmFkX3R5cGU9MSZzc3BuZXQ9MjI3JmlwPTEzNkExREMxJnBmbmV0PTIyNyZwZm93bj02NzYxMiZwZmN1cj0xJnB1Ym5ldD00NTU5NyZzaXRlbmV0PTUzMDk0Jm5ldGNoPTIyNyZuZXRvd25jaD02NzYxMiZzc2lkZT0wJnBmcz0yNjc4MTE1Jmt2dD0wJmV4cD0zMDAmY29tbT0wLjAwMDAwMDAwJmRtcHA9MC4wMDAwMDAwMCZjcnA9MCZjdXJyY2g9U2ltcGxlQmlkZGVyLkFwcGxpY2F0aW9uLkN1cnJlbmN5UmF0ZXMuQ3VycmVuY3lSYXRlK1VzZEN1cnJlbmN5UmF0ZSZ2az0wYmIyNzVjZDljYzI0OWFmOWNhODc5MTA3ZTMyODE3YyZjb21tdD0xJmJmPTAuMDAwMDAwMDAmYWR2Y3I9MSZhZHZjPVVTRCZiaWRjcj0xJmZwPTQuMDAwMCZkbXBtcz0mc3NwY3VycmF0ZT0xJm49YzkxMDliZTUtZDgyYi00NmRkLWJiYTMtMWE0ZmEzZmRiYWQ0JmFkdj1kODNkMzMyNi1iNTgzLTQyNjQtYWZhYS1kNzc1ZGVlYzhiZWQmbmV0Y3VycmF0ZT0xJmVhdWQ9JmJpZGN1cnI9VVNEJmNicGN1cj0xJmNicHByPTAmbmV0Y3VyPVVTRCZjb25mPTAmcG09MCZydT00645df90&evts=1755711321547&rnd=638913081215091720
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.157 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.157.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-allow-origin
*
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
786defbc5f2dbc35
ads.us.e-planning.net/uspd/1/ Frame F690 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=telegrafi&rct=4&v=2.0&rnd=6446753584161486&cpv=a6e2605d-95ca-4f6d-6a6a-1ab209d5ffec&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&fpamuid=0bb275cd-9cc2-49af-9ca8-79107e32817c&cntoid=&data=%7B%22id%22%3A%227785f485-d39f-5cac-bd44-7c32060598d1%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Ftelegrafi.com%252Fen%252FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F138.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b4b53e0-e738-4354-689b-e78957f455b0%22%2C%22tagid%22%3A%22fcb89fa5-2dfe-4834-bd46-8a67bed281c0%22%2C%22ext%22%3A%7B%22ph%22%3A%22telegrafi_async_451328381%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22telegrafi%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%220ef11663-6a52-d466-bc4b-39b1c735ee22%22%2C%22tagid%22%3A%22a0923d53-4bd5-4787-b134-a72bb441a32b%22%2C%22ext%22%3A%7B%22ph%22%3A%22telegrafi_async_1864771998%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22sender%22%3A%22telegrafi%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A2%7D&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
46e33343abafacdc8435b91312744db16da3bf2a8e49f0310034ee32bf54cb6b

Request headers

Referer
https://telegrafi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
expires
Wed, 20 Aug 2025 17:35:21 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
occ
ups.analytics.yahoo.com/ups/58613/ 		0
0
match
dm-eu.hybrid.ai/ 		0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-eu.hybrid.ai/match?id=128&vid=0bb275cd9cc249af9ca879107e32817c
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
access-control-allow-credentials
true
expires
-1
access-control-allow-origin
https://telegrafi.com
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode
5023
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
1; mode=block
server
Hybrid Web Server
usync.html
eus.rubiconproject.com/ Frame 38E9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.9.130 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-9-130.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B554 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D49c2ecf1ff8ee8ac%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=112432
content-encoding
gzip
content-length
6694
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
expires
Fri, 22 Aug 2025 00:49:13 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0C28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
lotame20250702.js
s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/ Frame F690 		734 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/lotame20250702.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
2a4d0db8e03350480c98deeef085a02b038f9598f1113908ad6f9f6346d402fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

cache-control
max-age=157680000
content-encoding
gzip
etag
W/"68655c18-2de"
expires
Mon, 19 Aug 2030 17:35:21 GMT
access-control-allow-origin
*
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
application/x-javascript
last-modified
Wed, 02 Jul 2025 16:19:36 GMT
server
openresty
current
prebid-match.dotomi.com/match/bounce/ Frame F690 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D49c2ecf1ff8ee8ac%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.207.16.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS
ams03-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
date
Wed, 20 Aug 2025 17:35:21 GMT
pragma
no-cache
server
nginx
v1
match.sharethrough.com/universal/ Frame F690 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.153.64.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-64-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
um
u-ams03.e-planning.net/ Frame F690
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26...
  • https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=49c2ecf1ff8ee8ac
0
0
getuid
ib.adnxs.com/ Frame F690 		0
0
um
u-ams03.e-planning.net/ Frame F690
Redirect Chain
  • https://eu-rtbstack-cm.admixer.net/cm?client=c4527281-5aa5-4c8e-bc53-a80bb3f99470&ssp=89&partnerUserID=[USER_ID]&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%24visitor_cookie%24%24%26...
  • https://u-ams03.e-planning.net/um?uid=0bb275cd9cc249af9ca879107e32817c&dc=9dbc022dd765f529&fi=49c2ecf1ff8ee8ac
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=0bb275cd9cc249af9ca879107e32817c&dc=9dbc022dd765f529&fi=49c2ecf1ff8ee8ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
server
openresty

Redirect headers

access-control-expose-headers
location
location
https://u-ams03.e-planning.net/um?uid=0bb275cd9cc249af9ca879107e32817c&dc=9dbc022dd765f529&fi=49c2ecf1ff8ee8ac
Connection
keep-alive
access-control-allow-credentials
true
Content-Length
0
Keep-Alive
timeout=25
Date
Wed, 20 Aug 2025 17:35:21 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server
nginx
usync.html
eus.rubiconproject.com/ Frame 50B1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
269 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.9.130 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-9-130.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 53A2 		20 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D49c2ecf1ff8ee8ac%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=112432
content-encoding
gzip
content-length
6694
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
expires
Fri, 22 Aug 2025 00:49:13 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 04B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
embedv2.js
c.disquscdn.com/embedv2/latest/ Frame 23DD 		792 KB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/embedv2/latest/embedv2.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
d02825a78891e546cf5eb66def8088648e539a6236e099f77e138161f9a01407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default

Response headers

content-encoding
gzip
etag
"688a807b-3d7c1"
age
83
x-content-type-options
nosniff
expires
Wed, 20 Aug 2025 17:38:58 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
-IsqmE34XVsT0OV5s01u6E0ubpJ9uqx86A7ghH6hGdx-hHY989JLng==
date
Wed, 20 Aug 2025 17:33:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Jul 2025 20:28:43 GMT
x-cache-hits
0
x-served-by
static-web-1
cache-control
max-age=300, public
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
251841
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
lounge.load.899397965d3ae4c97a216345ca76b527.js
c.disquscdn.com/next/embed/ Frame 23DD 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.899397965d3ae4c97a216345ca76b527.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
4727f4b39d5daddf7d610e036e0103cb3f86b0d5aec96d89a6491658e79fce02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default

Response headers

content-encoding
gzip
surrogate-key
next
etag
"689d87f3-1f1"
age
556514
x-content-type-options
nosniff
expires
Fri, 14 Aug 2026 07:00:07 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
tVLEqDehAj_BqQATUajzGudDUu8jZfU8T0YtVKl1CaQaeQ7MqDIRKg==
date
Thu, 14 Aug 2025 07:00:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Aug 2025 06:53:39 GMT
x-cache-hits
0
x-served-by
static-web-1
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 31f99335e123f7c9f6d5f06a3508646e.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
497
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
1
serving.stat-rock.com/v1/placements/jBsDrr2VjZQa/code/js/ 		1 KB
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/v1/placements/jBsDrr2VjZQa/code/js/1?url=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&b=0.23241469460035624
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
892018efed8ee108fc031413487fb35c442968a332409cd4852c257cd26ecd12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Accept
*/*
Referer
https://telegrafi.com/

Response headers

srvf
199.101.135.227
cache-control
no-store, no-cache, must-revalidate
srvb
127.0.0.1:8082
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://telegrafi.com
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame D2DC 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/lotame20250702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
408cb55dfaf3f42245181e9ef1f705cf7045fccfdbef913a5e84aed8f890b654

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"5e7fa4e5750ee203fd58e10c30d358ad"
age
55320
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yUOsaJszSnZBVJQF35R2YHrQkZmVNqKueWLCHO5HdDO4g-A1ucwFDw==
date
Wed, 20 Aug 2025 02:13:22 GMT
content-type
text/javascript
last-modified
Wed, 06 Aug 2025 15:13:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame F690 		64 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/lotame20250702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
408cb55dfaf3f42245181e9ef1f705cf7045fccfdbef913a5e84aed8f890b654

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"5e7fa4e5750ee203fd58e10c30d358ad"
age
55320
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
yUOsaJszSnZBVJQF35R2YHrQkZmVNqKueWLCHO5HdDO4g-A1ucwFDw==
date
Wed, 20 Aug 2025 02:13:22 GMT
content-type
text/javascript
last-modified
Wed, 06 Aug 2025 15:13:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
/
spl.zeotap.com/ Frame 8EC2 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b857a1def0fc5a9e13d2a1f209837c67f5a9592fc4c731043c3f5b736cd39bc6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
9723a590bec518db-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfOrigin;dur=4,cfEdge;dur=23
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
usync.html
u-ams.4dex.io/ortb/ Frame 9863 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams.4dex.io/ortb/usync.html?publisher_id=1417&r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3D7d0379c2259b3e0e%26fi%3D49c2ecf1ff8ee8ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.227.231 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
231.227.1.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
date
Wed, 20 Aug 2025 17:35:21 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
x-err
x-warn
Configuration. Missing 'domain' in the request
cookie_sync
dsp-service.admatic.de/ Frame 4B5E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Pixad
Resource Hash
3536c49d21f8bb0036403712f096d6a6240217fadf060c48e811793e8444b17e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
9723a5909dded3a5-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 20 Aug 2025 17:35:21 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=EUVQAG8hLK0H%2B3ixWmWyUoBLCXidVst2HfS8P6a7UNfhNDrX1D2VaGKrLayZXeO0b38SgYIBeVl7jim%2Fa4ncEmVdyhUmD7upHeUb7OtFuPvDe7Zc0Q%3D%3D"}]}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
working-app
admanager-report
working-on
admatic-k8s
x-powered-by
Pixad
cksync.php
hb.trustedstack.com/ Frame AAA3 		43 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.trustedstack.com/cksync.php?cs=61&type=pln&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&gpp=${GPP}&gpp_sid=${GPP_SID}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%3Cvsid%3E%26dc%3D6a5d39baa4d06b94%26fi%3D49c2ecf1ff8ee8ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-86-251-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
43
content-type
image/gif
date
Wed, 20 Aug 2025 17:35:22 GMT
expires
Wed, 20 Aug 2025 17:35:22 GMT
pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
timing-allow-origin
*
vary
Accept-Encoding
adxcm.aspx
inv-nets.admixer.net/ Frame 024C 		43 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFGrKBOiu5gxrZgU
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ct=1&ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Wed, 20 Aug 2025 17:35:21 GMT
keep-alive
timeout=25
p3p
CP="NID DSP ALL COR"
server
nginx
x-xss-protection
0
/
spl.zeotap.com/ Frame E57E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b79bb6407cc5bd56db9e79e5744c2cb37d65e4756a4a658a63fe6a253962ac4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
9723a590fee918db-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfOrigin;dur=4,cfEdge;dur=17
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
usync.html
u-ams.4dex.io/ortb/ Frame 1BDA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams.4dex.io/ortb/usync.html?publisher_id=1417&r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUID%7D%26dc%3D7d0379c2259b3e0e%26fi%3D49c2ecf1ff8ee8ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.227.231 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
231.227.1.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
date
Wed, 20 Aug 2025 17:35:21 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
x-err
x-warn
Configuration. Missing 'domain' in the request
cookie_sync
dsp-service.admatic.de/ Frame 7F50 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Pixad
Resource Hash
2b9c73ea93831cd5c514484de399628f78240305bd12041dbf4759b80ce8830f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
9723a590cde9d3a5-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 20 Aug 2025 17:35:21 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Z2RYYUpTDg4w5AkTPC20DpRvl0Q5gP8035e6Y3Itz3KT6dOeObwaxeITMmoMO1PeWW4m%2FjL%2BNweJHzXJMZQp3Ue0IbJ42nQ8UyyBJE8rINdBg71%2BeA%3D%3D"}]}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
working-app
admanager-report
working-on
admatic-k8s
x-powered-by
Pixad
cksync.php
hb.trustedstack.com/ Frame 1419 		43 B
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.trustedstack.com/cksync.php?cs=61&type=pln&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&gpp=${GPP}&gpp_sid=${GPP_SID}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%3Cvsid%3E%26dc%3D6a5d39baa4d06b94%26fi%3D49c2ecf1ff8ee8ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-86-251-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
43
content-type
image/gif
date
Wed, 20 Aug 2025 17:35:22 GMT
expires
Wed, 20 Aug 2025 17:35:22 GMT
pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
timing-allow-origin
*
vary
Accept-Encoding
adxcm.aspx
inv-nets.admixer.net/ Frame 290E 		43 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFGrKBOiu5gxrZgU
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Wed, 20 Aug 2025 17:35:21 GMT
keep-alive
timeout=25
p3p
CP="NID DSP ALL COR"
server
nginx
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame B554 		0
69 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60125295&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D49c2ecf1ff8ee8ac%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 20 Aug 2025 17:35:21 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
cookie.html
static.cdn.admatic.de/ Frame A020
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://prebid.admatic.de/setuid?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=2024904917186161632
  • https://static.cdn.admatic.de/cookie.html?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=2024904917186161632
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=2024904917186161632
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
08/07/2025 15:49:28
cdn-edgestorageid
1334
cdn-fileserver
988
cdn-proxyver
1.33
cdn-pullzone
2526898
cdn-requestcountrycode
DE
cdn-requestid
def4ed9330aa2abc274a11739864a9d2
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-1132
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
9723a59189b1f51f-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JGZvnYfDEYfNC1B5ZxYLh%2BWguM0MHRLqWa%2BWs0Hdr6Ks0VsLEZ0RGZdx9WzQwCO%2F1tfulqdpd%2FHxEdi6VDIliiE%2FeL8WPCjlx8vgwe%2BsfWsr4lIo"}]}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
9723a5917b962c18-FRA
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=adform&gdpr=0&gdpr_consent=&f=i&uid=2024904917186161632
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FS%2BSZFHuSAPl4hGZgDcdGOm5zrWW7ZhkukpC%2F%2FUWcDNPk9454IGV6Ta0KpBH4i3%2BfxcTVa%2BGMz9qJ73cMr68Cijneysy5hkYS7c%2Bryg1Ujc%3D"}]}
server
cloudflare
vary
accept-encoding
cookie.html
static.cdn.admatic.de/ Frame 270D
Redirect Chain
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buser_id%7D
  • https://prebid.admatic.de/setuid?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=33efa848-78cf-4f02-a9b4-e0dd91124d79
  • https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=33efa848-78cf-4f02-a9b4-e0dd91124d79
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=33efa848-78cf-4f02-a9b4-e0dd91124d79
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
08/07/2025 15:49:28
cdn-edgestorageid
1334
cdn-fileserver
988
cdn-proxyver
1.33
cdn-pullzone
2526898
cdn-requestcountrycode
DE
cdn-requestid
d0b7c0bfd2a8c97694fa1e1f38b14275
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-1132
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
9723a591b9b9f51f-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mcQS%2FrzlFcX6TOeWB3cXBRRSal0aynC4ukwOkmPzNIg59Aic2em7nmTkh7HPpjkNkqAJLkjylcPup5ddX%2B0%2FphsqfKUH30VsCQAaz5jbO7hoGNe6"}]}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
9723a591ab972c18-FRA
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=33efa848-78cf-4f02-a9b4-e0dd91124d79
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=f50fLdqcTdDIjD5D%2F3L0jkWziDPPd8QPG%2BezAk7%2FPruttKqHmlv14J%2FhY6GR0lxzFGS5N%2B%2FdGcU5f2ebcbfmFIjSZpoJJOHj%2FLXlqd1dC8E%3D"}]}
server
cloudflare
vary
accept-encoding
ImgSync
image8.pubmatic.com/AdServer/ Frame EE45 		0
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.106 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
strict-transport-security
max-age=16070400; includeSubDomains
cookie.html
static.cdn.admatic.de/ Frame F4DA
Redirect Chain
  • https://dsp-service.admatic.de/users/sync/?redir=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dadmaticde%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D7e03d3a7-980b-4eb4-8b2d-2490dbb9f066
  • https://prebid.admatic.de/setuid?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=7e03d3a7-980b-4eb4-8b2d-2490dbb9f066
  • https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=7e03d3a7-980b-4eb4-8b2d-2490dbb9f066
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=7e03d3a7-980b-4eb4-8b2d-2490dbb9f066
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
08/07/2025 15:49:28
cdn-edgestorageid
1334
cdn-fileserver
988
cdn-proxyver
1.33
cdn-pullzone
2526898
cdn-requestcountrycode
DE
cdn-requestid
ff08af73b30f21ad0acf32bd7e1d8bdb
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-1132
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
9723a59159acf51f-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aTUrIZbV1Dc3UZhWAkdfA%2BNl6KRTTRF0P73TTJhm8L%2Bblt%2Fn2ZBP6snw213onG4edNr2hMOd%2FynHV%2Ftc60%2FTM%2Btlb4SKJXvpq5Nasr8ZNqXykXRk"}]}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
9723a5911b8a2c18-FRA
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=7e03d3a7-980b-4eb4-8b2d-2490dbb9f066
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6i468HVm5ZoNALWsXfZ%2F0uhH7G78RycHHPGWL1dgrJR3yi9J3T76K0gHbnD71AjeH8aAoJFrz910xVW5Gwjz1sO4bXm6k4phwvnK%2BUod4k0%3D"}]}
server
cloudflare
vary
accept-encoding
cookie.html
static.cdn.admatic.de/ Frame 46B8
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://prebid.admatic.de/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
  • https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
08/07/2025 15:49:28
cdn-edgestorageid
1334
cdn-fileserver
988
cdn-proxyver
1.33
cdn-pullzone
2526898
cdn-requestcountrycode
DE
cdn-requestid
057af6ca3e938259a8d56b34667f524a
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-1132
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
9723a59289c5f51f-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:22 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Sn6Dk4R6jDp0tDldDKliE2bUnYhcQq4lV1oenWgUo3ebq54lrfV6Tly3llyzBmzj1JuAYj88oUnqtVpFZ6%2FsNMoW%2ByK%2BdPTbeATsC6QMqPtG24jg"}]}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
9723a5927bb42c18-FRA
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TUyZ7b1pm4j8lSOfoY7jw03xgqZnvEhimMu3ouQXyNgcNfxoX5Ax4%2FsWBV98KLKY9xtNI7wSAT14xyY6kMLix0qlxUGuHDV5IzfY3Yyj5Lo%3D"}]}
server
cloudflare
vary
accept-encoding
common.bundle.bdf4376e33809b5924d944686c6b7e1e.js
c.disquscdn.com/next/embed/ Frame 23DD 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.bdf4376e33809b5924d944686c6b7e1e.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.899397965d3ae4c97a216345ca76b527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
0eea1f50736a5838163ff79ba6ffd3a7c5f43538b84e117abfb04cd627066151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default

Response headers

content-encoding
gzip
surrogate-key
next
etag
"682deffb-16ff0"
age
7869941
x-content-type-options
nosniff
expires
Thu, 21 May 2026 15:29:39 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
SGuejO5qVsK0yJMiUtVKpPgVGTmsN5sNd3RvIkmgVmJKyQs9xiQm_Q==
date
Wed, 21 May 2025 15:29:39 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 21 May 2025 15:23:39 GMT
x-cache-hits
0
x-served-by
static-web-1
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
94192
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
getuid
ib.adnxs.com/ Frame 8EC2 		0
0
pixel
cm.g.doubleclick.net/ Frame 8EC2 		170 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
match
c1.adform.net/serving/cookie/ Frame 8EC2 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
-1
access-control-allow-origin
*
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
cm
trc.taboola.com/sg/zeotap/1/ Frame 8EC2 		0
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361&redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%3CTUID%3E%26zpartnerid%3D1367%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

x-fastly-to-nlb-rtt
7426
x-timer
S1755711322.838620,VS0,VE14
x-vcl-time-ms
14
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
x-service-version
v1
server
nginx
x-cache-hits
0
x-served-by
cache-fra-eddf8230073-FRA
u
dmp.v.fwmrm.net/ad/ Frame 8EC2 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.144.50.154 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-50-154.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

Cache-Control
no-store
Pragma
no-cache
Connection
keep-alive
Expires
0
X-Fw-Request-Id
umo0cd5_1755711322725675974
Content-Length
0
Keep-Alive
timeout=300
Date
Wed, 20 Aug 2025 17:35:22 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Content-Type
text/html
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8EC2 		0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 8EC2
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=b66ffb8c-6a6d-464b-504c-3406da3ca06d&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://mwzeom.zeotap.com/mw?cid=79559606197598490432118735808129429938&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=79559606197598490432118735808129429938&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a5924ff518db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://mwzeom.zeotap.com/mw?cid=79559606197598490432118735808129429938&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
dcs
dcs-prod-irl1-1-v078-0ad748ae6.edge-irl1.demdex.com 2 ms
pragma
no-cache
x-tid
DJ3Iby9RTBY=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Wed, 20 Aug 2025 17:35:21 GMT
mw
mwzeom.zeotap.com/ Frame 8EC2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7540722704963926378&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-...
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7540722704963926378&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a591efa618db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7540722704963926378&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Content-Length
0
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Server
nginx
Connection
keep-alive
2.gif
dmp.theadex.com/d/949/i/ Frame 8EC2 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=b66ffb8c-6a6d-464b-504c-3406da3ca06d&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
content-length
0
x-adex-bad-parameter
route: resource blocked by system
date
Wed, 20 Aug 2025 17:35:21 GMT
pragma
no-cache
tpid=b66ffb8c-6a6d-464b-504c-3406da3ca06d
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 8EC2 		0
0
cms
ups.analytics.yahoo.com/ups/58697/ Frame 8EC2 		0
0
g.pixel
aa.agkn.com/adscores/ Frame 8EC2 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.85.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-19.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, OPTIONS
expires
0
access-control-allow-origin
*
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Wed, 20 Aug 2025 17:35:21 GMT
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
usermatch.gif
beacon.krxd.net/ Frame 8EC2 		0
0
cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame 8EC2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
85 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361&_test=aKYHWQAAfvhEtABG
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
151.101.130.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

x-robots-tag
noindex
cache-control
no-cache
x-timer
S1755711322.994489,VS0,VE0
age
475
pragma
no-cache
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
85
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
x-served-by
cache-fra-eddf8230052-FRA
server
Jetty(9.4.35.v20201120)
x-cache-hits
1905

Redirect headers

x-robots-tag
noindex
cache-control
no-cache
location
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361&_test=aKYHWQAAfvhEtABG
x-timer
S1755711322.890309,VS0,VE87
pragma
no-cache
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
x-served-by
cache-fra-eddf8230052-FRA
server
Jetty(9.4.35.v20201120)
x-cache-hits
0
v2
usermatch.krxd.net/um/ Frame 8EC2 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8EC2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b66ffb8c-6a6d-464b-504c-3406da3ca06d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b66ffb8c-6a6d-464b-504c-3406da3ca06d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504...
43 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b66ffb8c-6a6d-464b-504c-3406da3ca06d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
8CMDRCGZF4KETAAN4ATM
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Wed, 20 Aug 2025 17:35:22 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=b66ffb8c-6a6d-464b-504c-3406da3ca06d&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
0MS2CA6B6704V6MYK73G
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
mw
mwzeom.zeotap.com/ Frame 8EC2
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a592e85218db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
content-length
0
date
Wed, 20 Aug 2025 17:35:22 GMT
cross-origin-resource-policy
cross-origin
token
pixel.rubiconproject.com/ Frame 8EC2 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=b66ffb8c-6a6d-464b-504c-3406da3ca06d&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
e06182bf224d96e6550f4595601cdb0b
Pragma
no-cache
syncd
x.bidswitch.net/ Frame 8EC2 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=b66ffb8c-6a6d-464b-504c-3406da3ca06d&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 8EC2 		95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a5924ff118db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*
mw
mwzeom.zeotap.com/ Frame 8EC2
Redirect Chain
  • https://ws.rqtrk.eu/pull?pid=29b47cf6-51f1-45dc-8095-193fb9abe4da&tr=1&g=1&return-unstable=1&redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1590%26cid%3D%24BROWSER_ID%26env%3DmWeb%26e...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1590&cid=da1dc9f6-28f3-4514-9fd9-c0c972c8703c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-4...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1590&cid=da1dc9f6-28f3-4514-9fd9-c0c972c8703c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a592881718db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

cache-control
no-cache,private
location
https://mwzeom.zeotap.com/mw?zpartnerid=1590&cid=da1dc9f6-28f3-4514-9fd9-c0c972c8703c&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
pragma
no-cache
x-envoy-upstream-service-time
1
expires
Wed, 20 Aug 2025 17:35:20 GMT
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
server
istio-envoy
mw
mwzeom.zeotap.com/ Frame 8EC2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=zeotap&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe...
  • https://mwzeom.zeotap.com/mw?cid=GeWFvz17UPpRhAGxAFs2EsEdahM&env=mWeb&zpartnerid=2001&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=GeWFvz17UPpRhAGxAFs2EsEdahM&env=mWeb&zpartnerid=2001&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a594b9b118db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=GeWFvz17UPpRhAGxAFs2EsEdahM&env=mWeb&zpartnerid=2001&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d
Content-Length
195
Date
Wed, 20 Aug 2025 17:35:22 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
generic
match.adsrvr.org/track/cmf/ Frame 8EC2 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Db66ffb8c-6a6d-464b-504c-3406da3ca06d%26reqId%3Decc6e09b-c13b-45ae-6f6a-e17ba7fe5964%26zdid%3D1361&domain=e-planning.net
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

content-length
70
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
server
Kestrel
cmp.min.js
spl.zeotap.com/ Frame 8EC2 		557 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3de6e0c8fc22de3d122cb1f2a80e37f961d2d17d5b913c26486316120c8dfe9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a5914f3318db-FRA
access-control-allow-origin
https://spl.zeotap.com
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
cloudflare
access-control-allow-headers
*
collect
n.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: scripts.clarity.ms
URL: https://scripts.clarity.ms/0.8.25/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://telegrafi.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://telegrafi.com
Date
Wed, 20 Aug 2025 17:35:22 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
prebid_check.js
tags.refinery89.com/ 		21 B
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.refinery89.com/prebid_check.js
Requested by
Host: geotags.refinery89.com
URL: https://geotags.refinery89.com/telegraficom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-42.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0cfd7fdc6e608bc2820e86aa254d06fd2b5142fbf945626c03404a86a65fe4cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
max-age=21600, public
etag
"b4ff8b34fb7438d9eef6c63dcd545070"
age
17150
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
21
x-amz-cf-id
Js3cl1Nf-sTeLXfpjwqhI0Nsf_jS-og3aSxZZ0Ka6dXBOKrrGfir_w==
date
Wed, 20 Aug 2025 12:49:32 GMT
content-type
application/javascript
last-modified
Mon, 07 Aug 2023 09:25:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
cookie.html
static.cdn.admatic.de/ Frame BC7F
Redirect Chain
  • https://server.smartytech.io/match?redirect=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buser_id%7D
  • https://prebid.admatic.de/setuid?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=fcda1e6e-ba0e-4234-890a-e1143f79bf78
  • https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=fcda1e6e-ba0e-4234-890a-e1143f79bf78
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=fcda1e6e-ba0e-4234-890a-e1143f79bf78
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
08/07/2025 15:49:28
cdn-edgestorageid
1334
cdn-fileserver
988
cdn-proxyver
1.33
cdn-pullzone
2526898
cdn-requestcountrycode
DE
cdn-requestid
aeb7df2e273c6cee4e459121e1e4c75f
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-1132
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
9723a59249c3f51f-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=a%2Ftqn5M0EUxpcF3sQkKJ68L9p6kGYimTVYYbueBJ9CDkm%2FzeBBm1otYOL3NiQzRBtxvgZmKVsfusBe47Mz5SjiauoQqrZoKI0gXphMPpFqn03%2FNh"}]}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
9723a5923bad2c18-FRA
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=membrana&gdpr=&gdpr_consent=&f=i&uid=fcda1e6e-ba0e-4234-890a-e1143f79bf78
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=k5OGb8WS8zg32x6QswbLgNYg%2FhYUVbh9dh1sfqbEu9Osra%2BWRJhzh4npiSPZrw5AowBKLSgWis7RcqabUehtMcJjIo3Umosk%2Bh7CM7oZjqk%3D"}]}
server
cloudflare
vary
accept-encoding
ImgSync
image8.pubmatic.com/AdServer/ Frame 4780 		0
40 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.106 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
strict-transport-security
max-age=16070400; includeSubDomains
um
u-ams03.e-planning.net/ Frame 005D 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf&dc=5f8d43ca0719402c&fi=49c2ecf1ff8ee8ac
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 20 Aug 2025 17:35:21 GMT
server
openresty
cookie.html
static.cdn.admatic.de/ Frame 92D8
Redirect Chain
  • https://dsp-service.admatic.de/users/sync/?redir=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Dadmaticde%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3Df5a91c5d-5345-49eb-a42f-fd7a79445bbf
  • https://prebid.admatic.de/setuid?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf
  • https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
08/07/2025 15:49:28
cdn-edgestorageid
1334
cdn-fileserver
988
cdn-proxyver
1.33
cdn-pullzone
2526898
cdn-requestcountrycode
DE
cdn-requestid
2a6b077224f97415a839fab295fa573f
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-1132
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
9723a59179adf51f-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:21 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vPIXqWToA%2FpgjRvbPJfUo1yjF08FbLAH6b3%2B3FOS7qJWeylMFH%2BIU2AtdV9u4qlLYQAM6P5ItVu%2BNZO40dKph8Zx%2BxWAiImLr4tSZOF08xvF0uCk"}]}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
9723a5916b902c18-FRA
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=admaticde&gdpr=&gdpr_consent=&f=b&uid=f5a91c5d-5345-49eb-a42f-fd7a79445bbf
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=V2S7fwcHtmO4IOR%2FMBzOctQpneVAsHt%2FiUXB8q3QABU7d%2FfcakHg43nFnl6zcttjzok9iYjAeu%2BzA73YiPmqVOmG4oG%2FGwjocwVyFTppqVI%3D"}]}
server
cloudflare
vary
accept-encoding
cookie.html
static.cdn.admatic.de/ Frame C1C6
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.de%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://prebid.admatic.de/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
  • https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
Requested by
Host: dsp-service.admatic.de
URL: https://dsp-service.admatic.de/cookie_sync?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%24%7BUSER_ID%7D%26dc%3D5f8d43ca0719402c%26fi%3D49c2ecf1ff8ee8ac
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.108 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7

Request headers

Referer
https://dsp-service.admatic.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-origin
*
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
alt-svc
h3=":443"; ma=86400
cache-control
max-age=25600000
cdn-cache
HIT
cdn-cachedat
08/07/2025 15:49:28
cdn-edgestorageid
1334
cdn-fileserver
988
cdn-proxyver
1.33
cdn-pullzone
2526898
cdn-requestcountrycode
DE
cdn-requestid
057af6ca3e938259a8d56b34667f524a
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-status
200
cdn-storageserver
DE-1132
cdn-uid
e7d0f040-08f3-443e-a640-656beb6c8b3b
cf-cache-status
DYNAMIC
cf-ray
9723a59289c5f51f-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Aug 2025 17:35:22 GMT
last-modified
Wed, 21 May 2025 13:27:10 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Sn6Dk4R6jDp0tDldDKliE2bUnYhcQq4lV1oenWgUo3ebq54lrfV6Tly3llyzBmzj1JuAYj88oUnqtVpFZ6%2FsNMoW%2ByK%2BdPTbeATsC6QMqPtG24jg"}]}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
9723a5927bb42c18-FRA
date
Wed, 20 Aug 2025 17:35:21 GMT
location
https://static.cdn.admatic.de/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TUyZ7b1pm4j8lSOfoY7jw03xgqZnvEhimMu3ouQXyNgcNfxoX5Ax4%2FsWBV98KLKY9xtNI7wSAT14xyY6kMLix0qlxUGuHDV5IzfY3Yyj5Lo%3D"}]}
server
cloudflare
vary
accept-encoding
getuid
ib.adnxs.com/ Frame E57E 		0
0
pixel
cm.g.doubleclick.net/ Frame E57E 		170 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ad-exchange-cookie-matcher","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/httpsserver2/ad-exchange-cookie-matcher"}]}
content-security-policy-report-only
script-src 'none';form-action 'none';frame-src 'none'; report-uri https://csp.withgoogle.com/csp/httpsserver2/ad-exchange-cookie-matcher
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
170
date
Wed, 20 Aug 2025 17:35:21 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
match
c1.adform.net/serving/cookie/ Frame E57E 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
-1
access-control-allow-origin
*
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
cm
trc.taboola.com/sg/zeotap/1/ Frame E57E 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361&redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%3CTUID%3E%26zpartnerid%3D1367%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

x-fastly-to-nlb-rtt
7569
x-timer
S1755711322.847053,VS0,VE10
x-vcl-time-ms
10
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
x-service-version
v1
server
nginx
x-cache-hits
0
x-served-by
cache-fra-eddf8230073-FRA
u
dmp.v.fwmrm.net/ad/ Frame E57E 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.144.50.154 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-50-154.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

Cache-Control
no-store
Pragma
no-cache
Connection
keep-alive
Expires
0
X-Fw-Request-Id
umo0299_1755711322328262052
Content-Length
0
Keep-Alive
timeout=300
Date
Wed, 20 Aug 2025 17:35:22 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Content-Type
text/html
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E57E 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame E57E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=dcce0aec-d35e-440c-488a-69ea1f5ff821&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://mwzeom.zeotap.com/mw?cid=79559606197598490432118735808129429938&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=79559606197598490432118735808129429938&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a5924ff218db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://mwzeom.zeotap.com/mw?cid=79559606197598490432118735808129429938&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
dcs
dcs-prod-irl1-2-v078-02d860216.edge-irl1.demdex.com 2 ms
pragma
no-cache
x-tid
xvafMsBMS2Q=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Wed, 20 Aug 2025 17:35:21 GMT
mw
mwzeom.zeotap.com/ Frame E57E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7540722704966351210&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7540722704966351210&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a5921fbd18db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7540722704966351210&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Content-Length
0
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Server
nginx
Connection
keep-alive
2.gif
dmp.theadex.com/d/949/i/ Frame E57E 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=dcce0aec-d35e-440c-488a-69ea1f5ff821&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
content-length
0
x-adex-bad-parameter
route: resource blocked by system
date
Wed, 20 Aug 2025 17:35:21 GMT
pragma
no-cache
tpid=dcce0aec-d35e-440c-488a-69ea1f5ff821
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame E57E 		0
0
cms
ups.analytics.yahoo.com/ups/58697/ Frame E57E 		0
0
g.pixel
aa.agkn.com/adscores/ Frame E57E 		0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.85.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-85-19.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, OPTIONS
expires
0
access-control-allow-origin
*
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Wed, 20 Aug 2025 17:35:21 GMT
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
usermatch.gif
beacon.krxd.net/ Frame E57E 		0
0
cQZGoH6Q
sync-tm.everesttech.net/ct/upi/pid/ Frame E57E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
85 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361&_test=aKYHWQAAAVE94wAQ
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
151.101.130.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

x-robots-tag
noindex
cache-control
no-cache
x-timer
S1755711322.006724,VS0,VE0
age
475
pragma
no-cache
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
85
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
x-served-by
cache-fra-eddf8230052-FRA
server
Jetty(9.4.35.v20201120)
x-cache-hits
1906

Redirect headers

x-robots-tag
noindex
cache-control
no-cache
location
https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361&_test=aKYHWQAAAVE94wAQ
x-timer
S1755711322.890628,VS0,VE92
pragma
no-cache
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
x-served-by
cache-fra-eddf8230052-FRA
server
Jetty(9.4.35.v20201120)
x-cache-hits
0
v2
usermatch.krxd.net/um/ Frame E57E 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame E57E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dcce0aec-d35e-440c-488a-69ea1f5ff821&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dcce0aec-d35e-440c-488a-69ea1f5ff821&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488...
43 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dcce0aec-d35e-440c-488a-69ea1f5ff821&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
HYXKW6JQRKV2AVAYPSG4
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Wed, 20 Aug 2025 17:35:22 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dcce0aec-d35e-440c-488a-69ea1f5ff821&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
599MSJZYK3JC9YRGTYKT
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Wed, 20 Aug 2025 17:35:21 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
mw
mwzeom.zeotap.com/ Frame E57E
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcc...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a593086918db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
content-length
0
date
Wed, 20 Aug 2025 17:35:22 GMT
cross-origin-resource-policy
cross-origin
token
pixel.rubiconproject.com/ Frame E57E 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=dcce0aec-d35e-440c-488a-69ea1f5ff821&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Pragma
no-cache
syncd
x.bidswitch.net/ Frame E57E 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=dcce0aec-d35e-440c-488a-69ea1f5ff821&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame E57E 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a5924fef18db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*
mw
mwzeom.zeotap.com/ Frame E57E
Redirect Chain
  • https://ws.rqtrk.eu/pull?pid=29b47cf6-51f1-45dc-8095-193fb9abe4da&tr=1&g=1&return-unstable=1&redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1590%26cid%3D%24BROWSER_ID%26env%3DmWeb%26e...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1590&cid=8135d6d9-e7f6-4c2f-aaf3-ac10653784f7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1590&cid=8135d6d9-e7f6-4c2f-aaf3-ac10653784f7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a592780c18db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

cache-control
no-cache,private
location
https://mwzeom.zeotap.com/mw?zpartnerid=1590&cid=8135d6d9-e7f6-4c2f-aaf3-ac10653784f7&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
pragma
no-cache
x-envoy-upstream-service-time
0
expires
Wed, 20 Aug 2025 17:35:20 GMT
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-length
0
date
Wed, 20 Aug 2025 17:35:21 GMT
server
istio-envoy
mw
mwzeom.zeotap.com/ Frame E57E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=zeotap&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3...
  • https://mwzeom.zeotap.com/mw?cid=GeWFvz17UPpRhAGxAFs2EsEdahM&env=mWeb&zpartnerid=2001&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&gdpr=1&gdpr_consent=
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=GeWFvz17UPpRhAGxAFs2EsEdahM&env=mWeb&zpartnerid=2001&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a594899118db-FRA
access-control-allow-origin
https://spl.zeotap.com
content-length
95
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=GeWFvz17UPpRhAGxAFs2EsEdahM&env=mWeb&zpartnerid=2001&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&gdpr=1&gdpr_consent=
Content-Length
195
Date
Wed, 20 Aug 2025 17:35:22 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
generic
match.adsrvr.org/track/cmf/ Frame E57E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddcce0aec-d35e-440c-488a-69ea1f5ff821%26reqId%3Ddeaa8085-a5ee-4af0-6873-16952cb3aceb%26zdid%3D1361&domain=e-planning.net
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/

Response headers

content-length
70
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
server
Kestrel
cmp.min.js
spl.zeotap.com/ Frame E57E 		557 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.114 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afde167e85ae2adde8a02d14d24a3067ed4f29901d8b8baa36c0d3b0023a142
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
9723a5918f6718db-FRA
access-control-allow-origin
https://spl.zeotap.com
date
Wed, 20 Aug 2025 17:35:21 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
cloudflare
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame 38E9 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.9.130 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-9-130.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
bedcbb7735bb55debaf6fececef9ebea69626a9988489d5cd3dcb1c6964fe8ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Response headers

cache-control
max-age=54870
content-encoding
gzip
expires
Thu, 21 Aug 2025 08:49:51 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11507
date
Wed, 20 Aug 2025 17:35:21 GMT
last-modified
Wed, 20 Aug 2025 08:49:51 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 50B1 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.9.130 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-9-130.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
bedcbb7735bb55debaf6fececef9ebea69626a9988489d5cd3dcb1c6964fe8ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu

Response headers

cache-control
max-age=54870
content-encoding
gzip
expires
Thu, 21 Aug 2025 08:49:51 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11507
date
Wed, 20 Aug 2025 17:35:21 GMT
last-modified
Wed, 20 Aug 2025 08:49:51 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
lounge.83585fd2dd4aeeb086f4d302697e25d4.css
c.disquscdn.com/next/embed/styles/ Frame 23DD 		234 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bdf4376e33809b5924d944686c6b7e1e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f6dce3a4481234283a70f76b3d6f60852aa4042e8886524a55fa62d928ca858d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default

Response headers

content-encoding
gzip
surrogate-key
next
etag
"689d87f3-82ae"
age
556513
x-content-type-options
nosniff
expires
Fri, 14 Aug 2026 07:00:08 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
tLBFD-W6iY1HW81Hcw89rlcEyDtRzbDxlESFt0RvHKfA7YuwshJ9gQ==
date
Thu, 14 Aug 2025 07:00:08 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 14 Aug 2025 06:53:39 GMT
x-cache-hits
0
x-served-by
static-web-2
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
33454
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
lounge.bundle.f0db039275dd41f4b3a7ad23503b83a5.js
c.disquscdn.com/next/embed/ Frame 23DD 		530 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.f0db039275dd41f4b3a7ad23503b83a5.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bdf4376e33809b5924d944686c6b7e1e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
819dc7d1df2b8c07b5f2f786ca061da88b9e73bb0d98069c31336b1d60e26dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default

Response headers

content-encoding
gzip
surrogate-key
next
etag
"689d87f3-21789"
age
556514
x-content-type-options
nosniff
expires
Fri, 14 Aug 2026 07:00:07 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
m3IH5nTQvPct9O0sKI_DmcYMLDET4RaWVUTo158B_YmaY9BopO8cww==
date
Thu, 14 Aug 2025 07:00:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Aug 2025 06:53:39 GMT
x-cache-hits
0
x-served-by
static-web-1
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
137097
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
config.js
disqus.com/next/ Frame 23DD 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bdf4376e33809b5924d944686c6b7e1e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
68316eb60a9b86810cdb93ad9b0b35e5fee574be4a3ee781fec58f73b5dfa353
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default

Response headers

Strict-Transport-Security
max-age=300; includeSubdomains
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin
*
Age
28
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
23212
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-XSS-Protection
1; mode=block
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
application/javascript; charset=UTF-8
Server
nginx
X-Frame-Options
SAMEORIGIN
details
disqus.com/api/3.0/forums/ Frame 23DD 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=telegraficom&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.bdf4376e33809b5924d944686c6b7e1e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1c2d8e816f809d7dddbe5fe8a746db314be68452ffec89e9787db1b34b7847f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Accept
*/*

Response headers

Strict-Transport-Security
max-age=300; includeSubdomains
Age
11
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
X-Content-Type-Options
nosniff
Content-Length
3291
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-XSS-Protection
1; mode=block
Date
Wed, 20 Aug 2025 17:35:21 GMT
Content-Type
application/json
Vary
Origin, Cookie
Server
nginx
X-Frame-Options
SAMEORIGIN
css2
fonts.googleapis.com/ Frame 23DD 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Requested by
Host:
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
38ffd1d0d0cfc554c8037dccdf87b7ea85b1d618f42a07bd112aa15ee60e3e2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Aug 2025 17:35:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Aug 2025 17:07:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
stat.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=cmp.present
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
x-content-type-options
nosniff
Content-Length
43
x-xss-protection
1; mode=block
Date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
stat.gif
referrer.disqus.com/juggler/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=cmp.no_consent
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
x-content-type-options
nosniff
Content-Length
43
x-xss-protection
1; mode=block
Date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
svg-sprite.4d4793ead94570e89fe80e89a75c69e2.svg
c.disquscdn.com/next/embed/assets/img/ Frame 23DD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4d4793ead94570e89fe80e89a75c69e2.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
94ffbb1a1e6d829be1314699e0b27cb89da96fd8ef0774240f2a8138f898cacf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css

Response headers

surrogate-key
next
etag
"67926418-3a51"
age
17742027
x-content-type-options
nosniff
expires
Tue, 27 Jan 2026 09:14:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
_2WnJsSjC7H_F-MnmpnraEbLwJaym3mmKL66MJzJZTsqmKDFWWWn6A==
date
Mon, 27 Jan 2025 09:14:55 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Thu, 23 Jan 2025 15:45:28 GMT
x-cache-hits
0
x-served-by
static-web-2
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
14929
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 23DD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css

Response headers

surrogate-key
next
etag
"67926418-b9b"
age
17742027
x-content-type-options
nosniff
expires
Tue, 27 Jan 2026 09:14:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
m2BU0jZC6hC6_eoZqg8ueHzbexU3exNlt0bML7ZikFZTL7Gu7aYY2g==
date
Mon, 27 Jan 2025 09:14:55 GMT
content-type
image/gif
last-modified
Thu, 23 Jan 2025 15:45:28 GMT
x-cache-hits
0
x-served-by
static-web-2
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
2971
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 23DD 		840 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css

Response headers

surrogate-key
next
etag
"67926418-348"
age
17742027
x-content-type-options
nosniff
expires
Tue, 27 Jan 2026 09:14:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
vYSrSRzD5lRT31qqYoi6t1SO8_4g_b9AzgESunN6z7vemL1Ifiy5sQ==
date
Mon, 27 Jan 2025 09:14:55 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Thu, 23 Jan 2025 15:45:28 GMT
x-cache-hits
0
x-served-by
static-web-1
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
840
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 23DD 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css

Response headers

surrogate-key
next
etag
"67c89989-37b"
age
14407478
x-content-type-options
nosniff
expires
Fri, 06 Mar 2026 23:30:44 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
tI54NWwUMiWC-LnVrZrxlrG-DJAaHGkjFEGCoS_usJvTDjPyQ7J7NQ==
date
Thu, 06 Mar 2025 23:30:44 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Wed, 05 Mar 2025 18:35:53 GMT
x-cache-hits
0
x-served-by
static-web-1
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
891
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 23DD 		605 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css

Response headers

surrogate-key
next
etag
"67c89989-25d"
age
14407478
x-content-type-options
nosniff
expires
Fri, 06 Mar 2026 23:30:44 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
lFE05a-3p46w21MBNezVg1OqQSwMH_hYVqYiQt9e4PSe_H-OfzMqnw==
date
Thu, 06 Mar 2025 23:30:44 GMT
content-type
image/svg+xml; charset=utf-8
last-modified
Wed, 05 Mar 2025 18:35:53 GMT
x-cache-hits
0
x-served-by
static-web-2
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 68a32dce20d0762e3778fb28ca194854.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
605
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
icons.79e576f9489bae308388e5b8e250aa86.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 23DD 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.79e576f9489bae308388e5b8e250aa86.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-214-105.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8dc675da542f629aca965669b35900a5ed0685f4d87dce9eac4660baf4493687
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://disqus.com
Referer
https://c.disquscdn.com/next/embed/styles/lounge.83585fd2dd4aeeb086f4d302697e25d4.css

Response headers

surrogate-key
next
etag
"67523141-2018"
age
21916055
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 01:47:47 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
daKFQhlnI-m5M4qHB5TnUyV-5lQ-LaWC26VRlrIiMXJjwjr3bwG8ZQ==
date
Tue, 10 Dec 2024 01:47:47 GMT
content-type
application/octet-stream
last-modified
Thu, 05 Dec 2024 23:03:29 GMT
x-cache-hits
0
x-served-by
static-web-2
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 31f99335e123f7c9f6d5f06a3508646e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
8216
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA50-P1
server
nginx
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v48/ Frame 23DD 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://disqus.com
Referer
https://fonts.googleapis.com/

Response headers

age
505581
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Aug 2026 21:09:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Aug 2025 21:09:01 GMT
last-modified
Thu, 29 May 2025 23:30:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v48/ Frame 23DD 		39 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://disqus.com
Referer
https://fonts.googleapis.com/

Response headers

age
505581
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Aug 2026 21:09:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Aug 2025 21:09:01 GMT
last-modified
Thu, 29 May 2025 23:30:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v48/ Frame 23DD 		39 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://disqus.com
Referer
https://fonts.googleapis.com/

Response headers

age
505581
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Aug 2026 21:09:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Aug 2025 21:09:01 GMT
last-modified
Thu, 29 May 2025 23:30:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
KFO5CnqEu92Fr1Mu53ZEC9_Vu3r1gIhOszmkBnka.woff2
fonts.gstatic.com/s/roboto/v48/ Frame 23DD 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v48/KFO5CnqEu92Fr1Mu53ZEC9_Vu3r1gIhOszmkBnka.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
9ec9eb9108f1752c30ba316606858d685a112a609d8bef1fb3d5d32c8e0b6507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://disqus.com
Referer
https://fonts.googleapis.com/

Response headers

age
121338
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 07:53:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 07:53:04 GMT
last-modified
Thu, 29 May 2025 23:37:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
44192
x-xss-protection
0
server
sffe
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v48/ Frame 23DD 		39 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://disqus.com
Referer
https://fonts.googleapis.com/

Response headers

age
505581
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Aug 2026 21:09:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Aug 2025 21:09:01 GMT
last-modified
Thu, 29 May 2025 23:30:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
KFO5CnqEu92Fr1Mu53ZEC9_Vu3r1gIhOszmkBnka.woff2
fonts.gstatic.com/s/roboto/v48/ Frame 23DD 		43 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v48/KFO5CnqEu92Fr1Mu53ZEC9_Vu3r1gIhOszmkBnka.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
9ec9eb9108f1752c30ba316606858d685a112a609d8bef1fb3d5d32c8e0b6507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://disqus.com
Referer
https://fonts.googleapis.com/

Response headers

age
121338
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Aug 2026 07:53:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Aug 2025 07:53:04 GMT
last-modified
Thu, 29 May 2025 23:37:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
44192
x-xss-protection
0
server
sffe
event.gif
referrer.disqus.com/juggler/ Frame 23DD 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=190&event=init_embed&thread=10598603918&forum=telegraficom&forum_id=819747&imp=58ov0p012dhaph&thread_slug=james_van_der_beek_flet_hapur_per_betejen_e_tij_me_kancerin_e_zorres_se_trashe_e_gjitha_filloi_me_nj&user_type=anon&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false&referrer=https%3A%2F%2Ftelegrafi.com%2F
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=telegraficom&t_i=4346907&t_u=https%3A%2F%2Ftelegrafi.com%2Fen%2Fjames-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate%2F&t_d=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&t_t=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&s_o=default

Response headers

Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
x-content-type-options
nosniff
Content-Length
43
x-xss-protection
1; mode=block
Date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
dsp.aspx
ads.futureads.io/ 		13 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?rct=3&zone=ffecdce3-0155-410f-9306-9ef2c6d3c171&zoneInt=119273&sect=57128&site=50681&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
inv-nets.admixer.net/ 		13 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?rct=3&zone=f7476d06-946b-451b-a1dc-7a949adb45c0&zoneInt=118909&sect=56986&site=50306&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
1
serving.stat-rock.com/v1/log/js/ 		35 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1755711322224.6868&type=INIT&placementId=jBsDrr2VjZQa&tagId=&message=&u=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&t=581&v=122&w=l5Z1JGualgXm&width=664&z=p%3Apl%3Bv%3AinPage%3B&r=0.5786660912332815
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://telegrafi.com/

Response headers

srvf
199.101.135.227
access-control-allow-origin
https://telegrafi.com
srvb
127.0.0.1:8082
content-length
35
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
server
nginx
1
serving.stat-rock.com/v1/log/js/ 		35 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1755711322224.6868&type=REQUEST&placementId=jBsDrr2VjZQa&tagId=PAFotW5YPT9q&vtId=9xsnqOHS9uk4&message=&u=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&t=585&v=122&w=l5Z1JGualgXm&width=664&z=p%3Apl%3Bpt%3APRE%3Bv%3AinPage%3Bc%3Avast%3Bt%3Aurl%3B&r=0.34379270167721576
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://telegrafi.com/

Response headers

srvf
199.101.135.227
access-control-allow-origin
https://telegrafi.com
srvb
127.0.0.1:8082
content-length
35
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
server
nginx
1
serving.stat-rock.com/v1/log/js/ 		35 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1755711322224.6868&type=REQUEST&placementId=jBsDrr2VjZQa&tagId=QIVLMbUZQcfN&vtId=hmTJ1wFHh-ep&message=&u=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&t=586&v=122&w=l5Z1JGualgXm&width=664&z=p%3Apl%3Bpt%3APRE%3Bv%3AinPage%3Bc%3Avast%3Bt%3Aurl%3B&r=0.17874703244866208
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.101.135.227 , United States, ASN40824 (WZ-US-40824, US),
Reverse DNS
ap7.adplayer.pro
Software
nginx /
Resource Hash
abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin
https://telegrafi.com
Referer
https://telegrafi.com/

Response headers

srvf
199.101.135.227
access-control-allow-origin
https://telegrafi.com
srvb
127.0.0.1:8082
content-length
35
date
Wed, 20 Aug 2025 17:35:22 GMT
content-type
image/gif
server
nginx
dsp.aspx
ads.futureads.io/ 		13 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?rct=3&zone=ffecdce3-0155-410f-9306-9ef2c6d3c171&zoneInt=119273&sect=57128&site=50681&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
inv-nets.admixer.net/ 		13 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?rct=3&zone=f7476d06-946b-451b-a1dc-7a949adb45c0&zoneInt=118909&sect=56986&site=50306&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202508140101/pubads_impl.js?cb=31094144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://telegrafi.com/

Response headers
dsp.aspx
ads.futureads.io/ 		13 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?rct=3&zone=ffecdce3-0155-410f-9306-9ef2c6d3c171&zoneInt=119273&sect=57128&site=50681&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
inv-nets.admixer.net/ 		13 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?rct=3&zone=f7476d06-946b-451b-a1dc-7a949adb45c0&zoneInt=118909&sect=56986&site=50306&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
ads.futureads.io/ 		13 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?rct=3&zone=ffecdce3-0155-410f-9306-9ef2c6d3c171&zoneInt=119273&sect=57128&site=50681&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
inv-nets.admixer.net/ 		13 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?rct=3&zone=f7476d06-946b-451b-a1dc-7a949adb45c0&zoneInt=118909&sect=56986&site=50306&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
ads.futureads.io/ 		13 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?rct=3&zone=ffecdce3-0155-410f-9306-9ef2c6d3c171&zoneInt=119273&sect=57128&site=50681&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
inv-nets.admixer.net/ 		13 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?rct=3&zone=f7476d06-946b-451b-a1dc-7a949adb45c0&zoneInt=118909&sect=56986&site=50306&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
ads.futureads.io/ 		13 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.futureads.io/dsp.aspx?rct=3&zone=ffecdce3-0155-410f-9306-9ef2c6d3c171&zoneInt=119273&sect=57128&site=50681&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
dsp.aspx
inv-nets.admixer.net/ 		13 B
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?rct=3&zone=f7476d06-946b-451b-a1dc-7a949adb45c0&zoneInt=118909&sect=56986&site=50306&rnd=[CACHEBUSTING]
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/futureads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.202.167.155 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

keep-alive
timeout=25
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
https://telegrafi.com
content-length
13
p3p
CP="NID DSP ALL COR"
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
content-type
application/xml; charset=utf-8
server
nginx
logcz.aspx
ads.futureads.io/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.futureads.io/logcz.aspx?zone=1748d37f-c0ef-4e63-94a4-1c4536009fcd
Requested by
Host: telegrafi.com
URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.167.156 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.156.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

access-control-allow-origin
*
keep-alive
timeout=25
date
Wed, 20 Aug 2025 17:35:22 GMT
x-xss-protection
0
server
nginx
access-control-allow-credentials
true
khaos.json
token.rubiconproject.com/ Frame 38E9 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
579d6dd278f76ae39d067788043e4297
content-length
7
content-type
application/json; charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 50B1 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
579d6dd278f76ae39d067788043e4297
content-length
7
content-type
application/json; charset=UTF-8
favicon.ico
telegrafi.com/wp-content/themes/telegrafi/assets/icons/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://telegrafi.com/wp-content/themes/telegrafi/assets/icons/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.19 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3ecdbad83024407503ee4ae35d713261f2c1985e8c1cfc8566e40f5a22802c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"642def0b-3bee"
age
347946
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BOnGJiEUl14Tg75Kj%2B2bkR7eAzsKIgL6k6qPNXIjQmM0lr3q%2FYtpSrPMs2KxehYY9w9ZZJ54jSCFuJ816I8Kvca8S%2Bh%2BKEXhoVTFscQ%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Aug 2025 17:35:23 GMT
content-type
image/x-icon
vary
accept-encoding
last-modified
Wed, 05 Apr 2023 21:58:35 GMT
cache-control
public, max-age=31536000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma
public
cf-ray
9723a59d88efd398-FRA
server
cloudflare
collect
n.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: scripts.clarity.ms
URL: https://scripts.clarity.ms/0.8.25/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://telegrafi.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://telegrafi.com
Date
Wed, 20 Aug 2025 17:35:24 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
d1hyarjnwqrenh.cloudfront.net/ 		13 B
411 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://d1hyarjnwqrenh.cloudfront.net/
Requested by
Host: geotags.refinery89.com
URL: https://geotags.refinery89.com/telegraficom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.92.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-94.fra56.r.cloudfront.net
Software
/
Resource Hash
9c3d7603be7c82300f577b0470442c8b92facf9890913e011da57ce9d5a32b1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://telegrafi.com/

Response headers

x-amzn-trace-id
Root=1-68a6075e-30d733496b6548eb1711be41;Parent=2b6796a3a830ab33;Sampled=0;Lineage=1:909a93bf:0
x-amzn-requestid
f5c07edf-5da8-4282-a6ff-237e78638f52
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://telegrafi.com
x-cache
Miss from cloudfront
content-length
13
x-amz-cf-id
fNK64eGduJ1WWhbMkiVF_Kardyh-yMYnb_TXLbtxNFc2j8p7OpkYTw==
date
Wed, 20 Aug 2025 17:35:26 GMT
content-type
application/json
vary
Origin
x-amz-cf-pop
FRA56-P2
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GGFDBX585G&gtm=45je58j0h1v881389386z8841113365za200zb9180397921zd9180397921&_p=1755711320852&gcs=G10-&gcd=13m3lPm2m5l1&npa=1&dma_cps=-&dma=1&tcfd=10_5b&tag_exp=101509157~103116026~103200004~103233427~104527907~104528500~104684208~104684211~104948813~105102052&cid=652032174.1755711321&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAACAAQ&_s=2&sid=1755711321&sct=1&seg=1&dl=https%3A%2F%2Ftelegrafi.com%2Fen%2FJames-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom%2F&dt=James%20Van%20Der%20Beek%20speaks%20openly%20about%20his%20battle%20with%20colon%20cancer%3A%20It%20all%20started%20with%20a%20subtle%20symptom%20-%20Telegraph%20-%20Telegraph&en=page_view&_et=17&tfd=7290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGFDBX585G&cx=c&gtm=45He58j0h1v9180397921za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer
https://telegrafi.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to
{"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://telegrafi.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:102:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Aug 2025 17:35:26 GMT
content-type
text/plain
server
Golfe2
nblk
sbp.izooto.com/ 		0
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sbp.izooto.com/nblk
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.128.65 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://telegrafi.com/

Response headers

cf-cache-status
DYNAMIC
cf-ray
9723a5e52d5de85c-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Wed, 20 Aug 2025 17:35:35 GMT
server
cloudflare
priority
u=1,i
collect
n.clarity.ms/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: scripts.clarity.ms
URL: https://scripts.clarity.ms/0.8.25/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://telegrafi.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://telegrafi.com
Date
Wed, 20 Aug 2025 17:35:36 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
localhost/socket.io/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
u.heatmap.it
URL
https://u.heatmap.it/log.js
Domain
localhost
URL
http://localhost:9090/socket.io/?EIO=3&transport=polling&t=PZ8ZBF7
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58613/occ
Domain
s.console.adtarget.com.tr
URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Domain
a4p.adpartner.pro
URL
https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/95264?id=0bb275cd9cc249af9ca879107e32817c&redir=http%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE79834FA-1283-461F-B037-597734C3B6F0%26id%3D%24_BK_UUID
Domain
ads.us.e-planning.net
URL
https://ads.us.e-planning.net/uspd/1/786defbc5f2dbc35?ruidm=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Domain
u-ams03.e-planning.net
URL
https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=49c2ecf1ff8ee8ac
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D49c2ecf1ff8ee8ac%26uid%3D%24UID
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58613/occ
Domain
u-ams03.e-planning.net
URL
https://u-ams03.e-planning.net/um?uid=&dc=4cb5e7f09da39e40&fi=49c2ecf1ff8ee8ac
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D49c2ecf1ff8ee8ac%26uid%3D%24UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=b66ffb8c-6a6d-464b-504c-3406da3ca06d?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=dcce0aec-d35e-440c-488a-69ea1f5ff821?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
Domain
beacon.krxd.net
URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Domain
localhost
URL
http://localhost:9090/socket.io/?EIO=3&transport=polling&t=PZ8ZGGN

Verdicts & Comments Add Verdict or Comment

240 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 function| gtag object| dataLayer object| isMobile object| yieldlove_cmd boolean| yieldlove_prevent_autostart object| __lxG__ object| __lxG__consent__ object| googletag object| adsbygoogle function| __tcfapi object| pbjsYLHH object| YLHH object| yieldlove_site_settings string| yieldlove_ad_layout object| yieldlove_currency_rates object| yieldlove_sticky_allowed_io_line_items object| yieldlove_ab object| yieldlove_cmp object| yieldlove_tc object| pbjsYLHHChunk object| _pbjsGlobals object| prebidEvents string| GoogleAnalyticsObject function| ga object| _io_config function| $ function| jQuery function| io function| clarity object| globalAmlAds object| _izq object| izConfig function| fbAsyncInit function| playerPro function| disqus_config object| ajax_object function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp boolean| ai_ip string| ai_data_id string| ai_ajax_url function| m function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| da function| ia function| u function| y function| v function| b64e function| b64d object| ai_front object| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists function| ai_process_ip_addresses function| ai_run_870415640310 boolean| ai_js_code object| clickioDiagnostic object| ggeac object| google_tag_data object| google_js_reporting_queue function| fbq function| _fbq object| admixTMLoad function| _izooto object| __io object| r89Data function| filterUndefined function| uuid function| checkScreenSize function| removeNulls function| returnBidderObject function| createTag function| checkConsentData function| checkFullConsent function| setAdConsent function| stickySidebarWithTakeover function| createGAMSlot function| preparePBJSBidders function| sendAdserverRequest function| createSidebar function| getAdMinHeight function| scheduleChange function| runScheduler function| allowRefresh function| getSlotData function| setStickyCloseButton function| stickyManager function| toggleStickyDiv function| initGPT function| setBidderCustomConfig function| adjustBidSize function| initPBJS function| initAPS function| changeCmpStatusToLoaded function| cmpCallback function| inmobi function| consentmanagernet function| tcf2 function| generateWrapper function| retrieveFloor function| getFloor function| getGAMFloor function| removeFloorWithoutConsent function| lazyLoadattachObserversOnWrappers function| setContext$2 function| setContext$1 object| commonjsGlobal function| getDefaultExportFromCjs function| getAugmentedNamespace object| sha256 object| core number| hasRequiredCore object| CryptoJS function| requireCore object| encHex$1 object| r89 object| r89_pbjs object| admixerJSONP function| HELPER object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| _aps boolean| apstagLOADED object| apstag object| AMP object| google_tag_manager object| FB object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| teadsscript object| google_reactive_ads_global_state object| DISQUS object| hb_dmx_res function| postscribe object| google_tag_manager_external function| getWebGLFingerprint function| setCookie function| getWebGLVendorRenderer object| DISQUSWIDGETS object| __buffer object| webpackChunktelegrafi string| order object| notIn function| ai_document_write string| selector_string function| setEditionCookie function| copyDataUrl function| fbShare function| twShare function| menuShare object| teads boolean| ai_ip_data_requested object| clarityOverrides object| default_ContributorServingResponseClientJs object| _F_toggles_default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| NmI2NmEyN2Y1NDFlYzE1ZWxvYWRlcl9qcw== string| NmI2NmEyN2Y1NDFlYzE1ZWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tagmanjsonp__ object| admixTM object| webVitals function| html2canvas function| _open string| ai_ip_data function| AdPlayerPro boolean| r89cra object| _taboola function| izootoEmailSubcriptionCallBack function| izootoEmailEventsCallback function| arrive function| unbindArrive function| leave function| unbindLeave

59 Cookies

Domain/Path Name / Value
telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom Name:
Value: store.test
.admixer.net/gadx Name: am-uid
Value: 0bb275cd9cc249af9ca879107e32817c
telegrafi.com/ Name: uid
Value: QRV2W2imB1hpr8gcXg60Ag==
.izooto.com/ Name: __cf_bm
Value: _fPvez6vwJKKn6YtFxO_yzr9EO1P9kXu0GNmughp8oI-1755711320-1.0.1.1-8Elua8it5QhdM3nu0OPDoPzhR_LPU3x9QDgcSPXqTkG7EE2hZm0uBtQYzpjXQKxEN.s20sdaHvY_exF.uNBAduz6_y7WGbiNGtFJUvUZg5w
telegrafi.com/ Name: _io_ht_r
Value: 1
telegrafi.com/ Name: store.test
Value:
www.clarity.ms/ Name: CLID
Value: 81304b852b4c41848fc0c317c206add5.20250820.20260820
.izooto.com/ Name: IZCID
Value: 0f5a45f3-212c-40ce-a392-fa430fe90026
.telegrafi.com/ Name: _gid
Value: GA1.2.234374626.1755711321
.telegrafi.com/ Name: am-uid-f
Value: 0bb275cd-9cc2-49af-9ca8-79107e32817c
.telegrafi.com/ Name: _fbp
Value: fb.1.1755711321104.625737247631061289
.beehiiv.com/ Name: __cf_bm
Value: Y1uh2EK9swsJgF2y0D1p6xruaFgUMGaFG2tHlFpml.w-1755711321-1.0.1.1-8m_I2GMwn_PU2_5R_lEqAG2p_MXfjOr5CaWP1A7X6ELw9f8L6XevZyuH2oJ_qcqk3j9uYmv7ephCYWmFnfcXbena9DYJxrGtEcglWfFQwaQ
.telegrafi.com/ Name: _gat
Value: 1
.ads.futureads.io/ Name: am-uid
Value: 0bb275cd9cc249af9ca879107e32817c
.telegrafi.com/ Name: _ga
Value: GA1.1.652032174.1755711321
.telegrafi.com/ Name: _ga_GGFDBX585G
Value: GS2.1.s1755711321$o1$g1$t1755711321$j60$l0$h0
.telegrafi.com/ Name: _ga_32SPFKJ85B
Value: GS2.1.s1755711321$o1$g0$t1755711321$j60$l0$h0
telegrafi.com/ Name: am-uid
Value: 0bb275cd9cc249af9ca879107e32817c
.admixer.net/ Name: am-uid
Value: 0bb275cd9cc249af9ca879107e32817c
ads.us.e-planning.net/ Name: CT
Value: 1
.adform.net/ Name: uid
Value: 2024904917186161632
.e-planning.net/ Name: E
Value: AFGrKBOiu5gxrZgU
.rmp.rakuten.com/ Name: Rp
Value: 4a6b77f2c843cff932632cb182d168a6075963ccf65a5b01
.doubleclick.net/ Name: IDE
Value: AHWqTUmN-i-U_8ZXSTzbOsWWWobhUEi3w09tQVtcfIme2LpSrF6PZ53ScDGZC1z5VSE
.demdex.net/ Name: demdex
Value: 79559606197598490432118735808129429938
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 29997d2f-c4b7-52e8-bc29-19cbd48f1e92
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: aKYHWQAKqnhaxiiZqVxHqAGfiACA59a22RtIPQ==
.admatic.de/ Name: uid
Value: f5a91c5d-5345-49eb-a42f-fd7a79445bbf
.dpm.demdex.net/ Name: dpm
Value: 79559606197598490432118735808129429938
.zeotap.com/ Name: zc
Value: dcce0aec-d35e-440c-488a-69ea1f5ff821
.zeotap.com/ Name: zsc
Value: %9B9nB%F3%E1.F%CD%D7%19~%02%E2%1DP%11%7C%19%F4%3Cg%99%8FS%D9%FD%2C%ED%275%2Cv%F8%AF%09%BBx%CE%0BM%8E%85%3A%B0%91%12%11RH%0EVlO%CE%C5%E5%3F%3E%FEs%FE%F3v%83%D7%0A%1E%AD%5B%5E%A1%DE%9E%93%88%F3F%CF%C2%D1%F9%D9%A2%15%7D%3EA%3F%84%3D%B3%9B%1AB%DBJ%8E%ED%A1Q%CA%8A%13%B9%D8%A4W%7D%93Qm%16%C4%0E%A0~Ft%25%2C%D5%B3X%9B%10q%D2%C8%25k%AE%F8%EE%B8%B7%A7.-%03%B6E%A5%A7%03%C3V%C1%DAr%A0%B7m%BC
.admanmedia.com/ Name: admtr
Value: 4d97de37-578d-491d-95b9-7749ed970ef4
.admanmedia.com/ Name: ac_r
Value: CS207:1756316121746
.mgid.com/ Name: lmg_usr
Value: b461729f-a670-443a-b202-8bd5f901c57b
.mgid.com/ Name: lmg_r
Value: 44
.trafmag.com/ Name: vid
Value: 6056636226297984
.csync.loopme.me/ Name: viewer_token
Value: 681f584d-be26-486f-ab37-c1a56b5894b6
.casalemedia.com/ Name: CMID
Value: aKYHWbmqPDkAC22PBQZa0gAA
.casalemedia.com/ Name: CMPS
Value: 1126
.casalemedia.com/ Name: CMPRO
Value: 1126
.creativecdn.com/ Name: g
Value: PrvWt9ogkznmySxdFrvz_1755711321855
.creativecdn.com/ Name: ts
Value: 1755711321
.adx.opera.com/ Name: UID
Value: OPU187cfd51055547e29f3b06709f8e5609
.admatic.de/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG1hdGljZGUiOnsiZXhwaXJlcyI6IjIwMjUtMDktMTlUMTc6MzU6MjEuODg0WiIsInVpZCI6IjdlMDNkM2E3LTk4MGItNGViNC04YjJkLTI0OTBkYmI5ZjA2NiJ9LCJhZGZvcm0iOnsiZXhwaXJlcyI6IjIwMjUtMDktMTlUMTc6MzU6MjEuOTAwWiIsInVpZCI6IjIwMjQ5MDQ5MTcxODYxNjE2MzIifSwibWVtYnJhbmEiOnsiZXhwaXJlcyI6IjIwMjUtMDktMTlUMTc6MzU6MjEuOTA5WiIsInVpZCI6IjMzZWZhODQ4LTc4Y2YtNGYwMi1hOWI0LWUwZGQ5MTEyNGQ3OSJ9fX0=
.adfarm1.adition.com/ Name: UserID1
Value: 7540722704966351210
server.smartytech.io/ Name: uid
Value: 237d3c6a-756c-4579-afe0-06d4e0dc2878
.rqtrk.eu/ Name: browser_id
Value: 1:da1dc9f6-28f3-4514-9fd9-c0c972c8703c
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-19e585bf-3d7b-50fa-5184-01b1005b3612.krLIINXNrzPu0C2IZLxIDXTlHHke52kstROMtfA8%2B%2FE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-19e585bf-3d7b-50fa-5184-01b1005b3612.krLIINXNrzPu0C2IZLxIDXTlHHke52kstROMtfA8%2B%2FE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGeWFvz17UPpRhAGxAFs2EsEdahM.Bm3q6XrRxsmwZBqPgxfCWU19VA72kBXwhtodLrS0Ptk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGeWFvz17UPpRhAGxAFs2EsEdahM.Bm3q6XrRxsmwZBqPgxfCWU19VA72kBXwhtodLrS0Ptk
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMOsUlMTWLBo7Gz06GQ4_-JZLHfNo9YgMKISFCgnB1eeENYBGAQg2o6YxQYwAToE-HPLOkIEwKRI0Q.Pfwdusvpp2bfDaai%2Bj6Diiy4ZcrJbGnRxItxB4Qb42Q
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMOsUlMTWLBo7Gz06GQ4_-JZLHfNo9YgMKISFCgnB1eeENYBGAQg2o6YxQYwAToE-HPLOkIEwKRI0Q.Pfwdusvpp2bfDaai%2Bj6Diiy4ZcrJbGnRxItxB4Qb42Q
.fwmrm.net/ Name: _uid
Value: umo0299_7540784854794911357
.krushmedia.com/ Name: krm_usr
Value: 14db766d-08ae-5533-b147-c6a69643cc03
.krushmedia.com/ Name: krm_r
Value: 192:1756920923601
.telegrafi.com/ Name: ga_2T71244MRJ
Value: 62fe1112cd592636075715c397999b6697f251d104743e64a2f7dd02c5794dd3

22 Console Messages

Source Level URL
Text
network error URL: https://u.heatmap.it/log.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://telegrafi.com/james-van-der-beek-flet-hapur-per-betejen-e-tij-kancerin-e-zorres-se-trashe-e-gjitha-filloi-nje-simptome-delikate/%E2%81%A6https://cdn.commoninja.com/sdk/latest/commonninja.js%E2%81%A9
Message:
Failed to load resource: the server responded with a status of 404 ()
rendering warning URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0002A0914290000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network error URL: https://telegrafi.com/en/wp-admin/admin-ajax.php?action=ai_ajax&ip-data=ip-address-country-city
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=dcce0aec-d35e-440c-488a-69ea1f5ff821&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=b66ffb8c-6a6d-464b-504c-3406da3ca06d&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://tags.bluekai.com/site/95264?id=0bb275cd9cc249af9ca879107e32817c&redir=http%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE79834FA-1283-461F-B037-597734C3B6F0%26id%3D%24_BK_UUID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://c1.adform.net/serving/cookie/match?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dcce0aec-d35e-440c-488a-69ea1f5ff821&reqId=deaa8085-a5ee-4af0-6873-16952cb3aceb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=b66ffb8c-6a6d-464b-504c-3406da3ca06d&reqId=ecc6e09b-c13b-45ae-6f6a-e17ba7fe5964&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=0bb275cd9cc249af9ca879107e32817c&redir=[RED]
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
rendering warning URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070200014290000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A0200014290000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0D0200014290000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
javascript warning URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Message:
The resource https://tags.refinery89.com/prebid/prebid9.35-v4.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://telegrafi.com/en/James-van-der-Beek-speaks-out-about-his-colon-cancer-battle-It-all-started-with-a-subtle-symptom/
Message:
The resource https://tags.refinery89.com/prebid/prebid9.35-v4.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.betweendigital.com
ads.futureads.io
ads.pubmatic.com
ads.us.e-planning.net
adsv.net
ajax.googleapis.com
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
c.amazon-adsystem.com
c.disquscdn.com
c1.adform.net
cdn-a.yieldlove.com
cdn.admixer.net
cdn.ampproject.org
cdn.clickiocdn.com
cdn.confiant-integrations.net
cdn.izooto.com
cdn.jsdelivr.net
cdn.onthe.io
cdnjs.cloudflare.com
clickiocmp.com
cm-x.mgid.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
content.admixer.net
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
cs.mobfox.com
csync.loopme.me
d1hyarjnwqrenh.cloudfront.net
disqus.com
dm-eu.hybrid.ai
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp-service.admatic.de
dsp.adfarm1.adition.com
embeds.beehiiv.com
eu-rtbstack-cm.admixer.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geotags.refinery89.com
gum.criteo.com
hb.trustedstack.com
ib.adnxs.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets-eu.admixer.net
inv-nets.admixer.net
localhost
m.trafmag.com
match.adsrvr.org
match.sharethrough.com
mwzeom.zeotap.com
n.clarity.ms
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
prebid-match.dotomi.com
prebid.a-mo.net
prebid.admatic.de
pub-e182faea6e2146519474f280e42e51ff.r2.dev
referrer.disqus.com
region1.google-analytics.com
s-cs.rmp.rakuten.com
s.clickiocdn.com
s.console.adtarget.com.tr
s.e-planning.net
sbidder-new-inv-eu.admixer.net
sbp.izooto.com
scripts.clarity.ms
scripts.futureads.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
server.smartytech.io
serving.stat-rock.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.cdn.admatic.de
sync-service.net
sync-tm.everesttech.net
sync.srv.stackadapt.com
sync.teads.tv
t.adx.opera.com
t.teads.tv
tags.bluekai.com
tags.crwdcntrl.net
tags.refinery89.com
tdns0.gtranslate.net
telegra.fi
telegrafi.com
telegraficom.disqus.com
token.rubiconproject.com
trc.taboola.com
tt.onthe.io
u-ams.4dex.io
u-ams03.e-planning.net
u.heatmap.it
unpkg.com
up.clickiocdn.com
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
ws.rqtrk.eu
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.top.ge
x.bidswitch.net
a4p.adpartner.pro
ads.us.e-planning.net
bcp.crwdcntrl.net
beacon.krxd.net
ib.adnxs.com
localhost
s.console.adtarget.com.tr
tags.bluekai.com
u-ams03.e-planning.net
u.heatmap.it
ups.analytics.yahoo.com
usermatch.krxd.net
103.231.98.106
104.102.33.206
104.16.128.65
104.17.24.14
104.18.1.22
104.18.20.114
104.18.27.193
104.18.54.45
104.18.69.40
104.26.12.42
104.26.15.135
108.138.3.93
116.202.11.241
116.202.167.133
116.202.167.155
116.202.167.156
116.202.167.157
13.107.253.44
136.243.254.123
142.250.181.238
142.250.185.174
142.250.185.234
142.250.185.67
142.250.186.136
142.250.186.34
142.250.186.65
142.250.186.98
146.59.69.183
151.101.0.134
151.101.130.49
151.101.193.229
151.101.2.132
151.101.65.44
157.240.0.6
157.240.251.35
163.5.194.37
167.235.184.171
172.175.234.12
172.217.16.130
172.64.144.166
172.67.135.19
172.67.192.173
172.67.72.108
178.250.1.11
18.153.64.118
18.159.85.19
18.202.121.175
18.66.112.59
18.66.92.94
184.28.88.244
184.86.251.220
185.15.245.83
185.184.8.90
188.40.115.112
188.42.191.196
188.93.89.87
193.200.65.6
193.3.178.2
193.3.178.3
198.47.127.19
199.101.135.227
199.232.192.134
199.232.196.134
2.23.9.130
2.23.9.182
204.62.12.209
216.239.34.36
216.58.212.163
23.75.65.182
3.144.50.154
3.171.214.105
3.209.134.128
31.28.167.114
34.1.227.231
34.241.66.95
34.95.81.88
35.214.136.108
35.214.192.129
35.71.131.137
37.157.2.229
37.157.5.141
37.157.5.84
37.187.82.222
37.230.131.21
46.8.152.14
51.89.9.254
52.18.69.40
52.94.222.140
57.129.18.111
65.9.66.122
69.173.144.165
8.2.110.161
8.2.110.206
8.2.110.97
80.77.82.130
80.77.87.162
82.145.213.8
85.114.159.118
88.99.85.119
89.207.16.140
92.223.124.62
95.211.66.35
99.84.152.26
99.86.4.42
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
025ca9d5ebe79dc1b7d2efb378e0267be3d8261a964a98b516249ea634b02ba9
02b3d55a9140b64c87fc0ea75fecfe2b5f24434f6b52e2332a319833bd52aa05
051f6d42f6630832b4b457e8a903ceaba20aa7ea82abcfbeb23950be161fea48
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0aa5b9973f1496ad90c9f7a5e6cfcfa93b4fd97644ab94262b67f917368aebea
0af26f92d8e00cc24a644a16f1641f0ca320dbce4e22e8c986df9ada77100311
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf439bedd5ad524a8d9d905626d09b6e0b8309056a7f964817ced3d4aefd941
0cfd7fdc6e608bc2820e86aa254d06fd2b5142fbf945626c03404a86a65fe4cb
0eea1f50736a5838163ff79ba6ffd3a7c5f43538b84e117abfb04cd627066151
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
18a76dda3744331df3bcb3fb0e94a83558b7317f7b5e224cc62a812e9f3dffe5
1987f790226a8edcf0fc8f13e54546c2e65f91d4f61d8f3509535560d7513d2e
1aaa6a6057d521cf2c5b03343ad340991fb477ca285ee2889a4c1e14b3ae6573
1ccc3a8bfcbfe963e885a54b329cbf203806e32bd1afb1262a13bc0268f879b8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d998fbb745efaa7c1eb0a57c6e8493a617a6932f98dbd0e2624afbe80eef440
1edb3945e1b23e9e0952a4edf9542fee4f7e0242c9d7159189c8c87a7d75c3c1
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
219d3150ef5dc59a5c6aa8a8e4cc6ae75291863f732fdcb2901ae94ad73d0a32
26da6578cb17ad7922d0c6586697ab1c5de86a3cfd46057eec8a9e1f034ac965
27e847108969b0bde29a39b7c686d806dcd8d985ecec56da93d21d905f9d1bc8
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2a26d8b28bf2b15b52d0613a8d2fa84745e75e691ac729d3dbca02c0f977f939
2a4d0db8e03350480c98deeef085a02b038f9598f1113908ad6f9f6346d402fc
2b8cd17d4fdfc7789919c83aff9c8f45e3bc895005fa2e0b2029e49178b77a53
2b9c73ea93831cd5c514484de399628f78240305bd12041dbf4759b80ce8830f
2e3e54a7f5d23bcb6088bb1766e852c5953d1886f1287dbf2e443a10ecf83ca0
2e82982544fd7c2e64649982be7c026e0684a4988f275eec35bb8b640f93ac69
2fd3e362418504cd0dbbefa787ba90e61f397fd04f9cafb5c155d9a82b958913
30869cbf39aa650288f575793eaeda06579bff6d5542b8bfa38b15427806ae70
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a970fbdb3a10fb419eae26fc7e35b51a0bc22f0d9fc7fda887c6b28a67b2b5
33db99b2fdea7e2ef65907c6fb31f54c1bc78196689ffc8dac26637090a8eb8e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3536c49d21f8bb0036403712f096d6a6240217fadf060c48e811793e8444b17e
3538020876d18f388e1c1341eefc54dbeaf3c67ad3381e9c739f3a7a86cf647a
356ce7763c3643cf5668a1fee290ab88f24d4be82adb64792d7fd496d591baa5
357717320ce31217108ce712773787245503044b6ee935370aaf0d45f88f110c
35f4d6bc0f6f32516792868a212c543c899d1448ccf9051e30d1232bb05d0d8b
38ffd1d0d0cfc554c8037dccdf87b7ea85b1d618f42a07bd112aa15ee60e3e2d
399f4025d84a9c4d03ccdb2167429d123c8a4c0faaf7b2c7ffccee067855ef11
3a11296a53fb17a0c0b4ac764231177161a178a0431137ac65e17ef681734b91
3b9225aa63452ef9b19342f53c41288c5a746d481e647edfde38e29acdbbd809
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
408cb55dfaf3f42245181e9ef1f705cf7045fccfdbef913a5e84aed8f890b654
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46d215a9403afb76b0eed80dace549702c8ab844bb08a8c5de6d95d08e1cd1fb
46e33343abafacdc8435b91312744db16da3bf2a8e49f0310034ee32bf54cb6b
4727f4b39d5daddf7d610e036e0103cb3f86b0d5aec96d89a6491658e79fce02
47582f5f8748ca1f63d9d50cc02a3395d9082fef81c56a4e39fd24697600def3
476113282fa8ddafc269fcc10b2125f4ebadadf175819a4680e770f4087de0ae
481c8382889f68e105a819ab253cbea9e6a52e86d611edd9fde5feae25e1d8a7
481dc734979311fc81b29f6ddd5d0342b16435cb8401913bcd97290c9dfa4e9a
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d2cc16b87d3f592e8775a33b10cdcf583b507ccc15fc697f50ec97c74c38ed3
4e39a2ddd0f2c8384eeeaf9661f4bd840c5c358d8c37a28ac5196679b2679f68
4fa902836352e174b06a253c97ea3a14179615d313f24cbe4be2f3d27ec42c8b
501500a14283788184f78e0c3b0f5d0201824b8d1c680d57f9aaf1eaa618c856
5066c17f1c7ee416e5d797edd2bca200bf682ecb971007d309acc79a85994e33
5224872dfbdea34dd32d3a00c35b6dee0966dc5461e2cb89d3f41bd78bfdc465
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56450b9b1f3c755b563a9ef45ad89868162920c092eee3554031189507aa455a
570cddafeb051fa9b5a5bf1f30bfab40ad0b919dd667df1c9aac96c41137b893
5b79bb6407cc5bd56db9e79e5744c2cb37d65e4756a4a658a63fe6a253962ac4
5d6a25a7ae2d79314c4a50020a561c48c5b11e11df85821db889bc33f15c073c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
65b4ee0998fe4f6e5e023613736e40621371c311d5304935659fe3681d3f85cf
68316eb60a9b86810cdb93ad9b0b35e5fee574be4a3ee781fec58f73b5dfa353
68b1a71a45b9d3e455495f38eac0b125cefcc93ef630722735d07611718fcf3a
68b9bb412c017f2502858d6a1c5ae0e6d991dface900eed257fa12abfe983a8e
6912b382215f9f5e7c6af38b4d6f7e9178873aee20a4a99aef97f3aef7c3854f
69bfabf321e72fceabd2bf22b1f874c7fd06acc4f3afb06228300e54c8e09de9
6ac8401e423b0496990a375a9956ec0b6927078bb71d386e1de9afff4ce783e4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6afde167e85ae2adde8a02d14d24a3067ed4f29901d8b8baa36c0d3b0023a142
6e4fb0aac0b5ed1de25b444a2b159d32236597fb47b5ee9dbcbfb1a9c0b13eeb
6fe12f443d57fba3f686959e72e430698b8a78465c198284f3e44900361cbc28
70e78e0c00a2d8cbf1d73efecf85563c6c4c565d8d1bfe76808ee6a7726d3079
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
722b12970b2c18f919b9a291abb2a945cee9a50b0843fa1ea9ac44e90d8b5a55
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
77fefe8ca19b9f69b5284832c519e0493127c1f091f0a8936884be7721c4e618
788fbc77bce6bd9b0a39d1f51757e2d264e52272c456641af159f68bbdff2046
79a84a8c82bde3a8404daab6f74ac6f83fccb770c0c7206ead3f45ff855a5b3c
7a693305747ece479aa909b01e0709408a85783472feecc794c41ebd9b1d2496
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
819dc7d1df2b8c07b5f2f786ca061da88b9e73bb0d98069c31336b1d60e26dbe
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86056ef260e31c4e2fcbe1532c15307c713cbd4038f03217dd2d4f53011313dc
8890ec954757ea8e4801f49958afb76e2b8837c47fec5b16598fc20cbd49c220
892018efed8ee108fc031413487fb35c442968a332409cd4852c257cd26ecd12
8b26709ae1cee4f752854b88922692674930ae05ffe7966a5324c5a4ae79ece6
8d0c3ce9a877daaf52d6cfb334dcd8d989008e53d291cf043d704bd1372cca38
8d58ae3fa80925fa623fd5320afa7963900dbcd9655de4844e5a2a3b2b766288
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc675da542f629aca965669b35900a5ed0685f4d87dce9eac4660baf4493687
90cd003063ed78f8477e01eaf54a3dfd1cf351a08a5401ae395a743877720c65
90d61c7ac455472f2a33855574c90b019b61d75a07093d23b69976d6dadf3fbc
917a8e0e07eb4d6cfe4e04f19b6292bc973084f303781202dde790f0c366b8ec
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94ffbb1a1e6d829be1314699e0b27cb89da96fd8ef0774240f2a8138f898cacf
961d8ecf165ef797c25958f500f2b85e73f012fec626e93ca57c8dde426e46a4
988d7c09afcbbee597aa14ba9b133dfc6e18998be7f7b87b2ade80ac3e2d7ee6
9ab08afaa18a600718ff515fadb33038b1725eb475d4976317167127ca763408
9ac68c2d22305f51007e713302e302a66fbd1530b4f4c8494e7ebebbf62c0090
9b89a9b74b3f245b7dd66ffaf528d18da8b92337cf009091e5f37cdbfb6adc50
9c31c427e25c7455827c58178586aeec83fdcf940b812731c8e7df1781199630
9c3d7603be7c82300f577b0470442c8b92facf9890913e011da57ce9d5a32b1f
9e3ecdbad83024407503ee4ae35d713261f2c1985e8c1cfc8566e40f5a22802c
9ea43e80784dc51ade98d3cd06d3d0874c4236143d80d209fa2d21e2fd775505
9ec9eb9108f1752c30ba316606858d685a112a609d8bef1fb3d5d32c8e0b6507
a24025c600f832c6d82cdeb2c41c226e197aa6ab99068dafe1a2cb8b0f9ce05c
a3c7cb1431d2db94f0cbf503e8f3ae4cd2232654f4123c405eff1920b673859d
a4305468b9eb96065246c9e56b8fc03def251faf6787fda84f7830ee5bd8bd4f
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604
a9f02bbb505c288a6f4119c6a23bef211ac5973a7e4b8d1c8ed92c6bfd5a81fa
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abb9eded59e356b99a573d6bce7be0919e04dbe6cc4197a73f656f323697ee69
abe93261168650f7e4f5a881a8a71dfa4bf566c6021dd19941fb657d608d419a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af55ac2db7d388772c0f1e8c7306b34a9dcb6c27dc832f541b0b7330c9c6f810
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cfe89e9448d3e904bf7070f89c8ffe439dfac831f72f085a1930b8557ce655
b4b7b11619f7bc0f8185776969675f4dc8617bc6523da7f04a238157d80023a6
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b857a1def0fc5a9e13d2a1f209837c67f5a9592fc4c731043c3f5b736cd39bc6
b92c0ecb51f1feddff076d7404a107d017a90456e30da1975fca73c2c4ec26d8
bbce182957e21c9756c7fda859f8b34923ed7a870950febc6e8bdf732ae3dc87
bc58940647a4767c8e368e395d08a163c6dc724fb1619783ede9dac3fd3fbb8d
bedcbb7735bb55debaf6fececef9ebea69626a9988489d5cd3dcb1c6964fe8ed
c0d54c295e84aaf11b439bade979f79e35442bf2d0019a71d3b1edcc9e5475bc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c716d5eee8445d5369bb364c08538d0fd17b79d96c7236fe13f60a650e539a3e
c888936d3e200d4ec6c4886ee120b610b50710fa1cec182a1f21d4ea496d49ab
c8fa7148f64a068c3c3d705760d2332b0ec1229b419b3d9bf3a07dec3ba3b62d
cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72
cacdcc80cb80b11e5a961c4d7e382127991fb13d0eace3a0e9c35f975be866e4
cadd864b9d3dbab3c34388c47827b0d8fb1defc19810974a8483ebbb6a774b44
cb07afd15312c356c6ebf3191d1273a4830718f5dba4ce4bcb82d82a8bb38e33
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf098f5b724e6fa2b600734bb9e2a7c1a785592d0892b1498321b6c6b4942b3f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02825a78891e546cf5eb66def8088648e539a6236e099f77e138161f9a01407
d15c45cae59cdef33dc0d8a182f600f18268f2b7e0ef447f717ebf5b08ab4e57
d2712672389b4f6a7c1e74f0f6cfd76b292055c589eeba93e5cff61ab9b8f74a
d3b889055a792d60682f04bcfa39c78b6a2721da5c81b1f460a30d54011b5970
d562906b0434c2d38b8eb89c8a38de1663bcbe874ad144fb5392b749299d339a
d938d6d21a55a7bb8a389cb6ca0fff204cda9532d81b4ca19af184ea3d748ebc
db5b162e10751a7c68db063e3d4e074971b518b961b8ddf2990d10a1361cfac2
dbc0263328f9431516065dcdd9e53c95ebd71d74985d2d481e7f14bb94866253
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e087620eca164cc8498ee379f3bddc8d0daed7148cacf37e29d18d4968bafb85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc0071870ad0ece139b8416f3d7bf2806fa9a6c8008375b4077be7ee94e36a
e41cbb85d5d71e22ddbd25da4e75c0c44b28a95f85cd029709590a567a29e792
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9
ed088b883101dac792e28a5c895ae34d8db3cbe70493513afdd85c766f454959
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17e230830e74bf17fa7a6dceff8b5c3fb8040aaf65f00ff29119e8d417e431f
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
f1c2d8e816f809d7dddbe5fe8a746db314be68452ffec89e9787db1b34b7847f
f228c8c09edcad985c495ccdb4b393df948dce63d4050feb042ccdeabedb2395
f35ef288e8782d61e894b9d085da3bbb94063741a13946a284fd1aa720eed7d8
f3de6e0c8fc22de3d122cb1f2a80e37f961d2d17d5b913c26486316120c8dfe9
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6dce3a4481234283a70f76b3d6f60852aa4042e8886524a55fa62d928ca858d
f6fac5d1a737187eec9f8b453d5bb6dc00e0b4626f841bc2176bdacf440922a3
f9ff19cba515f19b390f0e19ab1612a2c2fc954fab1524a6b9907a67a590cf18
facbb27340d90a1e0b913639b2408557d469d12ade8419fdf07ef2e1a14a5afd
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fd9beddaaec644945809da574cf1caf342073c7e4b46a2ea5bd136c8cf1a9eca
fdd5644a9b17521f3fb411f11b2b8f5d759661e97c358bb0fd368fceee79751c
fe6c9f91827446e8500ce0b8a9a8cdf00a498038c2785fc4a0454e53670a80d1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e