preprod.presstelegram.com Open in urlscan Pro
192.0.66.184 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://preprod.presstelegram.com/
Submission: On November 09 via automatic, source certstream-suspicious (November 9th 2025, 10:13:29 pm UTC) — Scanned from DE

Summary HTTP 227 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 51 IPs in 6 countries across 42 domains to perform 227 HTTP transactions. The main IP is 192.0.66.184, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is preprod.presstelegram.com.
TLS certificate: Issued by E7 on November 9th 2025. Valid for: 3 months.

This is the only time preprod.presstelegram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	192.0.66.184 192.0.66.184	2635 (AUTOMATTIC) (AUTOMATTIC)
2	65.9.175.113 65.9.175.113	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
4	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
4	18.245.31.35 18.245.31.35	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	13.33.223.41 13.33.223.41	16509 (AMAZON-02) (AMAZON-02)
4	108.177.15.84 108.177.15.84	15169 (GOOGLE) (GOOGLE)
1	52.222.136.25 52.222.136.25	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.118 18.66.147.118	16509 (AMAZON-02) (AMAZON-02)
1	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	54.192.35.109 54.192.35.109	16509 (AMAZON-02) (AMAZON-02)
6	188.240.13.1 188.240.13.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
3	13.107.213.45 13.107.213.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.89.186.140 52.89.186.140	16509 (AMAZON-02) (AMAZON-02)
3	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
2	104.18.43.42 104.18.43.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
5	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.245.31.112 18.245.31.112	16509 (AMAZON-02) (AMAZON-02)
25	172.64.155.82 172.64.155.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	172.64.146.207 172.64.146.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.19.220.32 104.19.220.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.134.60.137 91.134.60.137	16276 (OVH OVH SAS) (OVH OVH SAS)
1	108.139.243.57 108.139.243.57	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	65.8.131.100 65.8.131.100	16509 (AMAZON-02) (AMAZON-02)
3	108.138.3.93 108.138.3.93	16509 (AMAZON-02) (AMAZON-02)
20	188.240.13.2 188.240.13.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
34	142.250.186.182 142.250.186.182	15169 (GOOGLE) (GOOGLE)
3	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
2	134.122.30.244 134.122.30.244	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	104.18.1.22 104.18.1.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.132.229 104.16.132.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.145.29 172.64.145.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.84.221.63 52.84.221.63	16509 (AMAZON-02) (AMAZON-02)
1	18.245.46.61 18.245.46.61	16509 (AMAZON-02) (AMAZON-02)
1	16.182.66.33 16.182.66.33	16509 (AMAZON-02) (AMAZON-02)
1	104.20.23.13 104.20.23.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.117 162.19.138.117	16276 (OVH OVH SAS) (OVH OVH SAS)
1	104.26.4.15 104.26.4.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.216.248.220 52.216.248.220	16509 (AMAZON-02) (AMAZON-02)
2	20.50.88.233 20.50.88.233	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.19.102.237 162.19.102.237	() ()
227	51

36 192.0.66.184 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

preprod.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.175.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-175-113.fra60.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.31.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-35.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.223.41 (New York, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-223-41.fra60.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.177.15.84 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.136.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-136-25.fra50.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-118.fra60.r.cloudfront.net

m869.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.35.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-35-109.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.240.13.1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

cdn.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-p.cityspark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.213.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loader-config.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2i.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.89.186.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-186-140.us-west-2.compute.amazonaws.com

session.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.41.104 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.43.42 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

flo.uri.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fp.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engage.presstelegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pranmcpkx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-112.fra56.r.cloudfront.net

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 172.64.155.82 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

public.flourish.studio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.207 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.220.32 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.134.60.137 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy04.cl13.ovh.mrf.io

marfeelexperimentsexperienceengine.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-57.mxp63.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.8.131.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-131-100.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 188.240.13.2 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

cdn59755463.blazingcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.186.182 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 134.122.30.244 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture1.analytics.hbwrapper

cat1.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.1.22 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.132.229 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.145.29 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

hbwrapper.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.221.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-221-63.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-61.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.66.33 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.23.13 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu

api.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.15 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.248.220 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.233 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.102.237 (None, )

ASN- ()

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	presstelegram.com preprod.presstelegram.com m869.presstelegram.com loader-config.presstelegram.com session.presstelegram.com fp.presstelegram.com g2i.presstelegram.com engage.presstelegram.com	3 MB
34	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	1 MB
25	flourish.studio public.flourish.studio — Cisco Umbrella Rank: 19748	4 MB
20	blazingcdn.net cdn59755463.blazingcdn.net — Cisco Umbrella Rank: 31110	2 MB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 420 aax.amazon-adsystem.com — Cisco Umbrella Rank: 571 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 786	95 KB
6	cityspark.com cdn.cityspark.com — Cisco Umbrella Rank: 28980 cdn-p.cityspark.com — Cisco Umbrella Rank: 24645	40 KB
6	osano.com cmp.osano.com — Cisco Umbrella Rank: 4097	100 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	622 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 19 www.google.com — Cisco Umbrella Rank: 2	92 KB
4	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 7355 marfeelexperimentsexperienceengine.mrf.io — Cisco Umbrella Rank: 15779	81 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132	48 B
4	gstatic.com fonts.gstatic.com	100 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 308	180 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2927
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2881	73 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 261	246 KB
3	connatix.com cd.connatix.com — Cisco Umbrella Rank: 5138 cds.connatix.com — Cisco Umbrella Rank: 3819	114 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 ajax.googleapis.com — Cisco Umbrella Rank: 501	34 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 671	327 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 796 api.id5-sync.com — Cisco Umbrella Rank: 1605	33 KB
2	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9179 paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 44343	1 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 728	3 KB
2	hbwrapper.com cat1.hbwrapper.com — Cisco Umbrella Rank: 43915	403 B
2	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 14070	40 KB
2	uri.sh flo.uri.sh — Cisco Umbrella Rank: 22668	110 KB
2	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 3302	46 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3869 pixel.wp.com — Cisco Umbrella Rank: 3894	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3967 p1.parsely.com — Cisco Umbrella Rank: 2715	22 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 7132	126 KB
1	newsroom.bi events.newsroom.bi	546 B
1	pranmcpkx.com cdn.pranmcpkx.com — Cisco Umbrella Rank: 37139	3 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 28324	776 B
1	digitaloceanspaces.com hbwrapper.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 29888	1 KB
1	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 69	443 B
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 33491	155 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 201	226 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 3086	21 KB
1	sophi.io cdn.sophi.io — Cisco Umbrella Rank: 12442	43 KB
1	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 5230	14 KB
0	azurewebsites.net Failed prod-dfm-proxy-connext.azurewebsites.net Failed
0	rlcdn.com Failed api.rlcdn.com Failed
0	blueconic.net Failed digitalfirstmedia.blueconic.net Failed
227	42

	Domain	Requested by
36	preprod.presstelegram.com	preprod.presstelegram.com cmp.osano.com
34	i.ytimg.com	preprod.presstelegram.com
25	public.flourish.studio	flo.uri.sh public.flourish.studio preprod.presstelegram.com
20	cdn59755463.blazingcdn.net	preprod.presstelegram.com
6	cmp.osano.com	preprod.presstelegram.com cmp.osano.com
5	cdn-p.cityspark.com	cmp.osano.com cdn.cityspark.com cdn-p.cityspark.com
5	www.googletagmanager.com	cmp.osano.com www.googletagmanager.com preprod.presstelegram.com
4	pagead2.googlesyndication.com	www.googletagmanager.com securepubads.g.doubleclick.net az416426.vo.msecnd.net
4	fonts.gstatic.com	fonts.googleapis.com
4	accounts.google.com	preprod.presstelegram.com cmp.osano.com
4	cdn.jsdelivr.net	preprod.presstelegram.com cdn.jsdelivr.net cdn.cityspark.com cdn.adapex.io
3	region1.google-analytics.com	www.googletagmanager.com
3	c.amazon-adsystem.com	cmp.osano.com c.amazon-adsystem.com
3	tagan.adlightning.com	cmp.osano.com
3	securepubads.g.doubleclick.net	cmp.osano.com preprod.presstelegram.com
3	sdk.mrf.io	cmp.osano.com
3	engage.presstelegram.com	cmp.osano.com engage.presstelegram.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	unpkg.com	1 redirects preprod.presstelegram.com
2	cat1.hbwrapper.com	cdn.adapex.io
2	cdn.listrakbi.com	cmp.osano.com
2	cds.connatix.com	cd.connatix.com cds.connatix.com
2	flo.uri.sh	preprod.presstelegram.com flo.uri.sh
2	session.presstelegram.com	preprod.presstelegram.com
2	cdn.p-n.io	preprod.presstelegram.com cmp.osano.com
2	fonts.googleapis.com	preprod.presstelegram.com flo.uri.sh
2	htlbid.com	preprod.presstelegram.com
1	events.newsroom.bi	sdk.mrf.io
1	paywall-ad-bucket.s3.amazonaws.com
1	cdn.pranmcpkx.com	cmp.osano.com
1	api-mg2.db-ip.com	fp.presstelegram.com
1	api.id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	cmp.osano.com
1	ams-pageview-public.s3.amazonaws.com	preprod.presstelegram.com
1	config.aps.amazon-adsystem.com	cmp.osano.com
1	hbwrapper.nyc3.cdn.digitaloceanspaces.com	cmp.osano.com
1	cloudflare.com	cdn.adapex.io
1	www.google.com
1	cdn.adapex.io	cmp.osano.com
1	sb.scorecardresearch.com	preprod.presstelegram.com
1	marfeelexperimentsexperienceengine.mrf.io	cmp.osano.com
1	pixel.wp.com	preprod.presstelegram.com
1	g2i.presstelegram.com	cmp.osano.com
1	fp.presstelegram.com	cmp.osano.com
1	p1.parsely.com	preprod.presstelegram.com
1	cd.connatix.com	preprod.presstelegram.com
1	loader-config.presstelegram.com	preprod.presstelegram.com
1	az416426.vo.msecnd.net	cmp.osano.com
1	cdn.cityspark.com	preprod.presstelegram.com
1	stats.wp.com	preprod.presstelegram.com
1	cdn.parsely.com	preprod.presstelegram.com
1	m869.presstelegram.com	preprod.presstelegram.com
1	cdn.sophi.io	preprod.presstelegram.com
1	cdn.auth0.com	preprod.presstelegram.com
1	ajax.googleapis.com	preprod.presstelegram.com
0	prod-dfm-proxy-connext.azurewebsites.net Failed	engage.presstelegram.com
0	api.rlcdn.com Failed	cdn.adapex.io
0	digitalfirstmedia.blueconic.net Failed	m869.presstelegram.com
227	59

This site contains links to these domains. Also see Links.

Domain
www.medianewsgroup.com
business.safety.google
checkout.presstelegram.com
www.accuweather.com
enewspaper.presstelegram.com
comicskingdom.com
www.scngobits.com
enewspaper.gazettes.com
www.presstelegram.com
store.dailynews.com
myaccount.presstelegram.com
myworkdaycenter.wd5.myworkdayjobs.com
www.socalnie.com
www.socalnewsgroup.com
careers.socalnewsgroup.com
presstelegram.readerschoice.la
scnglacounty.column.us
lbcityguide.com
access.medianewsgroup.com
sponsor.medianewsgroup.com
my.datasubject.com
vip.wordpress.com
skyline.studio
www.digitalfirstmedia.com
www.instagram.com
www.youtube.com
youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
preprod.presstelegram.com E7	`2025-11-09` - `2026-02-07`	3 months	crt.sh
htlbid.com Amazon RSA 2048 M02	`2025-07-21` - `2026-08-18`	a year	crt.sh
upload.video.google.com WE2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2025 Q2	`2025-06-02` - `2026-07-04`	a year	crt.sh
*.osano.com Amazon RSA 2048 M03	`2025-08-18` - `2026-09-16`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-12-25` - `2026-01-23`	a year	crt.sh
accounts.google.com WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
cdn.sophi.io Amazon RSA 2048 M03	`2025-07-18` - `2026-08-15`	a year	crt.sh
a352.sandiegouniontribune.com Amazon RSA 2048 M02	`2025-09-01` - `2026-09-30`	a year	crt.sh
parsely.com E8	`2025-10-09` - `2026-01-07`	3 months	crt.sh
wp.com E8	`2025-10-05` - `2026-01-03`	3 months	crt.sh
pushlycdn.com Amazon RSA 2048 M01	`2025-10-14` - `2026-11-11`	a year	crt.sh
cdn.cityspark.com R12	`2025-10-30` - `2026-01-28`	3 months	crt.sh
az416426.vo.msecnd.net GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2025-07-30` - `2026-01-30`	6 months	crt.sh
loader-config.presstelegram.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2025-08-25` - `2026-02-25`	6 months	crt.sh
*.presstelegram.com Amazon RSA 2048 M02	`2025-01-30` - `2026-03-01`	a year	crt.sh
connatix.com WE1	`2025-10-12` - `2026-01-10`	3 months	crt.sh
*.google-analytics.com WE2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
uri.sh WE1	`2025-09-17` - `2025-12-16`	3 months	crt.sh
*.gstatic.com WE2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M04	`2025-09-09` - `2026-10-08`	a year	crt.sh
fp.presstelegram.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2025-08-24` - `2026-02-24`	6 months	crt.sh
g2i.presstelegram.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2025-08-24` - `2026-02-24`	6 months	crt.sh
engage.presstelegram.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2025-08-24` - `2026-02-24`	6 months	crt.sh
cdn-p.cityspark.com R12	`2025-10-05` - `2026-01-03`	3 months	crt.sh
cds.connatix.com WE1	`2025-09-27` - `2025-12-26`	3 months	crt.sh
public.flourish.studio WE1	`2025-11-04` - `2026-02-02`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
listrakbi.com E8	`2025-10-20` - `2026-01-18`	3 months	crt.sh
sdk.mrf.io WE1	`2025-11-07` - `2026-02-05`	3 months	crt.sh
ssl01.cert.cl13.k8s.mrf.io E7	`2025-11-05` - `2026-02-03`	3 months	crt.sh
*.scorecardresearch.com Sectigo Public Server Authentication CA OV R36	`2025-10-09` - `2026-10-09`	a year	crt.sh
adapex.io WE1	`2025-10-04` - `2026-01-02`	3 months	crt.sh
adl.ksldigital.media Amazon RSA 2048 M03	`2025-05-05` - `2026-06-03`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M04	`2025-10-20` - `2026-11-18`	a year	crt.sh
*.blazingcdn.net Sectigo Public Server Authentication CA DV R36	`2025-07-16` - `2026-08-15`	a year	crt.sh
edgestatic.com WR2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
*.google.com WE2	`2025-10-13` - `2026-01-05`	3 months	crt.sh
cat1.hbwrapper.com R13	`2025-10-20` - `2026-01-18`	3 months	crt.sh
cloudflare.com WE1	`2025-09-16` - `2025-12-15`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-04-23` - `2026-05-09`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2025-03-31` - `2026-04-29`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-12-22` - `2026-01-21`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2025-02-14` - `2026-02-07`	a year	crt.sh
id5-sync.com WE1	`2025-09-19` - `2025-12-18`	3 months	crt.sh
db-ip.com WE1	`2025-10-28` - `2026-01-26`	3 months	crt.sh
cdn.pranmcpkx.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2025-07-31` - `2026-01-31`	6 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 07	`2025-08-26` - `2026-02-22`	6 months	crt.sh
ssl03.cert.cl11.k8s.mrf.io E7	`2025-10-10` - `2026-01-08`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://preprod.presstelegram.com/
Frame ID: 0C1B2ED93817B37528B374A72FFC4801
Requests: 127 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.player.js
Frame ID: 723BA5E51E42A336F3FCC99F1A5405AD
Requests: 3 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/21260796/embed
Frame ID: 61E5931B7454F8862F9D3EC2D88E6DFC
Requests: 64 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: EEBC18CBDC6E6B12C810593BFA20986B
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 8B0CA55512A340F1D303A7457739B5AD
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/5a20/sw_iframe.html?origin=https%3A%2F%2Fpreprod.presstelegram.com
Frame ID: F5539F431B9896BCE7D1B443E7CB14B6
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Frame ID: 8944196E8CB6A8BA4AF8E9F9954D1F72
Requests: 29 HTTP requests in this frame

Frame: https://hbwrapper.nyc3.cdn.digitaloceanspaces.com/cookiesEnabled.html
Frame ID: 4C98A4D5A05EAE259FA01D09A66279F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Long Beach Press-Telegram: Local News, Sports, Things to Do

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

227
Requests

94 %
HTTPS

0 %
IPv6

42
Domains

59
Subdomains

51
IPs

6
Countries

13088 kB
Transfer

58561 kB
Size

17
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Datenspeicherungsrichtlinie

Search URL Search Domain Scan URL

URL: https://business.safety.google/privacy/
Title: Google-Datenschutzrichtlinie

Search URL Search Domain Scan URL

URL: https://checkout.presstelegram.com/?g2i_or_o=Internt5&g2i_or_p=MG2NAV&g2i_source=SB&g2i_medium=side-nav&g2i_campaign=nav&returnUrl=https%253A%252F%252Fpreprod.presstelegram.com%252F
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/long-beach-ca/90802/current-weather/38079_pc?lang=en-us&partner=mng_4
Title: 69°F

Search URL Search Domain Scan URL

URL: https://enewspaper.presstelegram.com/
Title: e-Edition

Search URL Search Domain Scan URL

URL: https://comicskingdom.com/?utm_source=dfm
Title: Comics

Search URL Search Domain Scan URL

URL: https://www.scngobits.com/
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://enewspaper.gazettes.com/html5/reader/production/default.aspx?pubname=&pubid=e9b0bb88-6e63-4d46-bc2a-d3f311b042eb
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://www.presstelegram.com/sponsor-content-hub/?ntv_adpz=4055
Title: Paid Content by Brandpoint

Search URL Search Domain Scan URL

URL: https://store.dailynews.com/dept/long-beach-press-telegram?cp=110560_111194_111197&utm_campaign=evergreen&utm_medium=referral&utm_source=edit-nav-presstel&utm_content=&utm_term=
Title: Press-Telegram Store

Search URL Search Domain Scan URL

URL: https://myaccount.presstelegram.com/lbpt/preferences
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://checkout.presstelegram.com/?&g2i_or_o=Internt5&g2i_or_p=MG2NAV&g2i_source=SB&g2i_medium=nav2&g2i_campaign=nav&returnUrl=https%253A%252F%252Fwww.presstelegram.com%252F
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://checkout.presstelegram.com/?g2i_or_o=Internt5&g2i_or_p=MG2NAV&g2i_source=SB&g2i_medium=nav2&g2i_campaign=nav&returnUrl=https%253A%252F%252Fpreprod.presstelegram.com%252F%253FnewUser%253Dtrue
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://myaccount.presstelegram.com/access.aspx?utm_source=adtila&utm_medium=website&utm_campaign=access

Search URL Search Domain Scan URL

URL: https://checkout.presstelegram.com/?&g2i_or_o=Internt5&g2i_or_p=MG2NAV&g2i_source=SB&g2i_medium=footer&g2i_campaign=nav&returnUrl=https%253A%252F%252Fwww.presstelegram.com%252F
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://myaccount.presstelegram.com/lbpt/preference
Title: Sign Up For Newsletters

Search URL Search Domain Scan URL

URL: https://myworkdaycenter.wd5.myworkdayjobs.com/MNG
Title: Work With Us

Search URL Search Domain Scan URL

URL: https://www.socalnie.com/
Title: Newspapers in Education

Search URL Search Domain Scan URL

URL: https://store.dailynews.com/dept/long-beach-press-telegram?cp=110560_111194_111197&utm_campaign=evergreen&utm_medium=referral&utm_source=edit-footer-presstel&utm_content=&utm_term=
Title: Press Telegram Store

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/our-company/
Title: About Southern California News Group

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/
Title: MediaNews Group

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/
Title: Partners

Search URL Search Domain Scan URL

URL: https://careers.socalnewsgroup.com/
Title: Local Job Board

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/accessibility-statement/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://presstelegram.readerschoice.la/
Title: Reader’s Choice

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/advertising-solutions/marketplace/
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://scnglacounty.column.us/place
Title: Legals

Search URL Search Domain Scan URL

URL: http://lbcityguide.com/
Title: LB City Guide

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/advertising-solutions/
Title: Advertising Solutions

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/contact-us/
Title: Get in Touch with a Marketing Strategist

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/mediakitrequestform/
Title: Request Media Kit

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/creative-services/
Title: Creative Services

Search URL Search Domain Scan URL

URL: https://www.socalnewsgroup.com/content-marketing/
Title: Content Marketing

Search URL Search Domain Scan URL

URL: https://myaccount.presstelegram.com/lbpt/rewards
Title: Reader Rewards

Search URL Search Domain Scan URL

URL: https://access.medianewsgroup.com/d/socal
Title: Sponsored Access

Search URL Search Domain Scan URL

URL: https://sponsor.medianewsgroup.com/a/?tag=socal
Title: Sponsor a Student

Search URL Search Domain Scan URL

URL: https://checkout.presstelegram.com/?&g2i_or_o=Internt5&g2i_or_p=MG2NAV&g2i_source=SB&g2i_medium=side-nav&g2i_campaign=nav&returnUrl=https%253A%252F%252Fwww.presstelegram.com%252F
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy#section-9
Title: California Notice at Collection

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/privacy-policy#financial
Title: Notice of Financial Incentive

Search URL Search Domain Scan URL

URL: https://my.datasubject.com/16A1AnRt2Fn8i1unj/77
Title: Do Not Sell/Share My Personal Information

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: https://skyline.studio/

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/
Title: The.SoCal.Local

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/m0u3gGFkvHc

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/CyvqEiQ0sm8

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/S5Ba8u1_mVI

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/gl4oH3uY0mo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/X9HR08Qg3aM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/cSt1Sy5HBHg

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/WjoQ6oVsXPI

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/0O8FhV25BKk

Search URL Search Domain Scan URL

URL: https://youtube.com/shorts/fxKneOUVeXg?si=SLKQDy5NMF3P1o5E

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/-2pR7ZQbqPs

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/HY4xkgGyu9g

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DLq8NuKOGq2/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DK5eKQdS-Rq/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=hmvYvj3a1QA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DKxwevvhSKe/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DKiUtkUAm7I/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DKzynScpklN/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DKf6Ihyt4bm/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/t/ZP8Mjb4pQ/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=_L5VIK1Cyg8

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/7xNkewhsuyo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/SsihIuM_FGk

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/8QXDQT9TegE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/P5R9F5dal5A

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/jMuhIxo60dA

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/Hx2Wvh755Rc

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/QZc2nGdjSfI

Search URL Search Domain Scan URL

URL: https://www.youtube.com/shorts/KWcTNEmn9t0

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/reel/DINOnfIvNQP/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DHv1lC3pXmb/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DHolTW_te-n/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DHeDfMLvkzy/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/reel/DHWxFgfyeP6/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/reel/DHUlb2iSE4n/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DHOuFhLyBG_/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DHJ7RN1yVne/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DG4LsXTyAOG/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DG31htzyndu/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DGjWFG6SiCZ/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DGW9QyQt-cT/?igsh=NTc4MTIwNjQ2YQ==

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DGTdf4zy0Qt/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/reel/DGOlQekTHOU/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DGEsIICyXNd/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DGEHpkRSUaE/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/DGCLIIcSAor/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/reel/DF9FDpfPlPh/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DFwbUS3RAWj/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DChqZMfyFkt/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/reel/DDz0eDfSawL/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/DDgO4W4p3Jx/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/reel/DEVTDQEyR1V/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/the.socal.local/reel/DE6C2nzSvaP/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 190

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@5.1.0/dist/web-vitals.iife.js

227 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
preprod.presstelegram.com/ 163 KB
32 KB 63ms
11ms Document
text/html 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

dce15d045b8e48f9526e7b195019e1a80bdf2606a0addb19e4a0b8b9ac8a5109

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content;

Strict-Transport-Security

max-age=31536000;includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: private
content-encoding: br
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.visualwebsiteoptimizer.com; style-src 'unsafe-inline' https: *.visualwebsiteoptimizer.com app.vwo.com; img-src data: https: blob: *.visualwebsiteoptimizer.com app.vwo.com useruploads.vwo.io; font-src data: https:; connect-src https: data: blob: *.visualwebsiteoptimizer.com app.vwo.com; media-src blob: data: https:; object-src https:; child-src https: data: blob: 'self' *.visualwebsiteoptimizer.com app.vwo.com; upgrade-insecure-requests; block-all-mixed-content;
content-type: text/html; charset=UTF-8
date: Sun, 09 Nov 2025 22:13:29 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://preprod.presstelegram.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/9oMVF>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: HIT
x-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-robots-tag: noindex, nofollow
x-rq: hhn2 0 40 9980

GET
H2 200 long_beach_press-telegram_black-392x40.svg
preprod.presstelegram.com/wp-content/uploads/2017/09/ 9 KB
3 KB 24ms
24ms Image
image/svg+xml 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2017/09/long_beach_press-telegram_black-392x40.svg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

34554cca1d68d1c952b6d12bc418b6a8cb251850675186c1d408fb63ae201110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2
etag: W/"0214146f1bfe8417"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Fri, 22 Sep 2017 17:24:53 GMT

GET 5b6c5b0d-33bf-4e1b-b7ab-dac5debf3aea
https://preprod.presstelegram.com/ 0
0

GET
H2 200 osano-custom.css
preprod.presstelegram.com/wp-content/themes/wp-mason/static/css/ 78 B
366 B 24ms
21ms Stylesheet
text/css 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/themes/wp-mason/static/css/osano-custom.css?m=1762567985g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

07b474332c902441bb5645eb5edaa038a67f21fd5e28738d99930784bc9e68a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2 0 40 9980
etag: "690ea731-4e"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 78
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css
last-modified: Sat, 08 Nov 2025 02:13:05 GMT
server: nginx

GET
H2 200 htlbid.css
htlbid.com/v3/presstelegram.com/ 1 KB
575 B 479ms
416ms Stylesheet
text/css 65.9.175.113
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://htlbid.com/v3/presstelegram.com/htlbid.css?ver=6.8.3
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.175.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-175-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47a9d8273268080b0322dc3d9df62f1e7f92f3fcb2ac6007a5c3851fb3e66966

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=600
content-encoding: br
etag: W/"5e34c658ce097b745ec27c77eed94eb6"
via: 1.1 3fe1b65a21db2155ab695e76b3fc80ca.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 8FI0347Gny7z_QcJSYsH22UWbPt2qj5KAjcbiakF0ql2k14TX3qgPw==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/css
last-modified: Mon, 03 Nov 2025 16:13:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P14
x-amz-server-side-encryption: AES256

GET
H2 200 style.css
preprod.presstelegram.com/wp-content/client-mu-plugins/src/Sitemap/includes/ 880 B
606 B 19ms
17ms Stylesheet
text/css 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1742836555g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"67e1934b-370"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 17:15:55 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 style.min.css
preprod.presstelegram.com/wp-content/plugins/dfm-trust-indicators/dist/css/ 2 KB
981 B 20ms
17ms Stylesheet
text/css 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/plugins/dfm-trust-indicators/dist/css/style.min.css?m=1762551950g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d09cf4f0c6fd1b0e9587e4315cc0ef7cc891323ea0fac43a8b0146823f67dc16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"690e688e-934"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css
last-modified: Fri, 07 Nov 2025 21:45:50 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 mng-digisubs.styles.css
preprod.presstelegram.com/wp-content/plugins/mng-digisubs/static/ 42 KB
10 KB 23ms
21ms Stylesheet
text/css 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/plugins/mng-digisubs/static/mng-digisubs.styles.css?ver=1762567985

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

356cb705daea0fc2936b15f146ae893aaf9c9527b69f2dcbfaefd1415caea154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"690ea731-a931"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css
last-modified: Sat, 08 Nov 2025 02:13:05 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 mobile-adhesion-style.css
preprod.presstelegram.com/wp-content/client-mu-plugins/src/Ads/assets/css/ 1 KB
699 B 13ms
11ms Stylesheet
text/css 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/client-mu-plugins/src/Ads/assets/css/mobile-adhesion-style.css?m=1742836555g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"67e1934b-441"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 17:15:55 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 85ms
48ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%2C800%7CNoto+Serif%3A400%2C400i%2C700%2C700i%2C800&display=swap&ver=6.8.3

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

d19375ea73bb822724423482cd6d0bd35af92589807b03ee6f175a449a781913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:13:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 09 Nov 2025 22:13:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 measuredvibrant.css
preprod.presstelegram.com/wp-content/themes/assets/static/css/ 712 KB
121 KB 13ms
11ms Stylesheet
text/css 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/themes/assets/static/css/measuredvibrant.css?m=1762567985g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6c331288402b27f09f695e4a3a8a2f1fcc38180c57657735ec02aa2fe8b35e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"690ea731-b1ebe"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css
last-modified: Sat, 08 Nov 2025 02:13:05 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 46ms
9ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0eed8f45beafbac113cbf3a510957f10cec792b994ec6e4ec6de431d32dfeff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"e199-NrpiHfjLNvgUFx/FkLJ1+scZZXk"
age: 1596953
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230176-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8826
x-jsd-version: 1.5.0

GET
H2 200 style.min.css
preprod.presstelegram.com/wp-content/plugins/dfm-ad-mods/dist/css/ 79 B
367 B 22ms
20ms Stylesheet
text/css 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/plugins/dfm-ad-mods/dist/css/style.min.css?m=1762551950g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cff60e2843db9ee172432c39acbb4d6229b7726372e389788c216f4f06b1a417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2 0 40 9980
etag: "690e688e-4f"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 79
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css
last-modified: Fri, 07 Nov 2025 21:45:50 GMT
server: nginx

GET
H2 200 auth0-session-storage.min.js Show response
preprod.presstelegram.com/wp-content/client-mu-plugins/src/Auth0/assets/dist/ 183 B
482 B 17ms
15ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/client-mu-plugins/src/Auth0/assets/dist/auth0-session-storage.min.js?ver=1.0.4

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

369e065884f175984ed11bdaaab83fddd565df20acc44e5334e2949cf42b5b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2 0 40 9980
etag: "68374627-b7"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 183
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
last-modified: Wed, 28 May 2025 17:21:43 GMT
server: nginx

GET
H3 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 251 KB
62 KB 73ms
11ms Script
application/javascript 18.245.31.35
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-35.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

e9982f6a9584c5c250e7ba0631f3847f71c34521a62f7ab3a16ab471fca305e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: br
etag: "43c7692229ec0350c6b4b600f3f7b934"
age: 6430
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: trK8zuL88sCZj5ytHmSnJpcOwch41AaXu9BS7Tsc3mTRpt_L6QZztw==
date: Sun, 09 Nov 2025 20:26:19 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 29 Oct 2025 20:36:43 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 af3799c72ed879abb7633a4c3e57502e.cloudfront.net (CloudFront)
content-length: 62659
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 43ms
9ms Script
text/javascript 142.250.185.234
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
age: 482455
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 04 Nov 2026 08:12:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 04 Nov 2025 08:12:34 GMT
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31021
x-xss-protection: 0
server: sffe

GET
H2 200 htlbid.js Show response
htlbid.com/v3/presstelegram.com/ 465 KB
126 KB 441ms
441ms Script
application/javascript 65.9.175.113
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://htlbid.com/v3/presstelegram.com/htlbid.js?ver=6.8.3
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.175.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-175-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b357c672439c3e78219841a76e65270b193bb7dbdfb06955941562d71e642d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=600
content-encoding: br
etag: W/"a63777afc25df62fb6193f2162bc0377"
via: 1.1 3fe1b65a21db2155ab695e76b3fc80ca.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: H25Zt-f2LvdxcD92Rwsra4foJLPgKZtLl3YIBR7Lye6xwc-ZGdf3lg==
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: application/javascript
last-modified: Mon, 03 Nov 2025 16:13:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P14
x-amz-server-side-encryption: AES256

GET
H2 200 sso-tools.min.js Show response
preprod.presstelegram.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 11 KB
2 KB 23ms
22ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1742836555g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ff8bbeed09c55ffbff2607d7e8751d9889df3a3bd6f213f0e5607246fa89e17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"67e1934b-2b55"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
last-modified: Mon, 24 Mar 2025 17:15:55 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 loader.min.js Show response
preprod.presstelegram.com/wp-content/plugins/loader-wp/static/ 39 KB
12 KB 26ms
25ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.6.4

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6a50d7df2b90fdbce127bfad53219dd16b73976a81d4cacf49d23714618636ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"68eeac03-9b37"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
last-modified: Tue, 14 Oct 2025 20:01:07 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 / Show response
preprod.presstelegram.com/_static/ 78 KB
20 KB 25ms
24ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/_static/??-eJydzDEOwjAMQNELkVggtYUBcQFWDpA0luUqcaPYUeH2sCB1YGL90vuwVTevYigGNXdiUchrSNjcVkEtGM+AQoHwzrGF9vKFxS96gB+yCLnExNqjfvG+eUUzFlIfu6SMf38+QPBpD+O8e93K9TiNp2GcLudheQPeJFH7

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d035ebedf46b02cbd59b7ee6dfc775b509501b9777003f924d19d8e64354196b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
accept-ranges: bytes
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Sat, 08 Nov 2025 02:13:05 GMT

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/2.1/ 40 KB
14 KB 58ms
13ms Script
application/javascript 13.33.223.41
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cdn.auth0.com/js/auth0-spa-js/2.1/auth0-spa-js.production.js?ver=6.8.3

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.223.41 New York, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-223-41.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d931bfe4b9f39f318e84dc593cdc78fe4f5e463fe4c1fd2a6b72ed583ebaf872

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

x-robots-tag: noindex
content-encoding: gzip
x-amz-version-id: 9GuZ7OPrjGLhGXFoVYk0nC_sL6c2.1M2
etag: W/"9c185ec28488b9113e39f2483714b411"
age: 2569
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: KpYNu33omP-KetyDqDCcYXUKH7e4WEt24eUlI9WTofjWjwRWqDQhxg==
date: Sun, 09 Nov 2025 21:30:41 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Mon, 21 Aug 2023 16:00:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-replication-status: FAILED
cache-control: max-age=10800,public
via: 1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 client Show response
accounts.google.com/gsi/ 237 KB
89 KB 113ms
67ms Script
application/javascript 108.177.15.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/client?ver=6.8.3

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f84.1e100.net

Software

ESF /

Resource Hash

cd9d980bcfeda09eac167fe53bce478cd70dbb8c57d983d1aa20b6ad0bfed894

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bcea_YUvBR1CbUcpgvI_MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bcea_YUvBR1CbUcpgvI_MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:13:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Sun, 09 Nov 2025 22:13:29 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 / Show response
preprod.presstelegram.com/_static/ 860 KB
105 KB 27ms
26ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/_static/??-eJyl0MEKwjAMBuAXcg0K2/QgXn2NbitdSpMVkzIf3+hFPLqdAiH/x09gLc24sAZWKLlGZAHi2EwYUeogIOoVx5+dI4/shspTDi7JAbYYFuDw1L2MHaPmQDZlr1Xx7t/A4x/IiwQVSEYuZUYgr7MJZB/a2uMDfTvc6Hrsu1Pb9Zdzm14LfaNO

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2da119f225c41462aac75d43578acd5b11ae3d808b86bc344b0f073e09b76a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
accept-ranges: bytes
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Sat, 08 Nov 2025 02:13:05 GMT

GET
H2 200 1999447309.js Show response
cdn.sophi.io/assets/demeter/1/stable/ 147 KB
43 KB 118ms
54ms Script
text/javascript 52.222.136.25
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.sophi.io/assets/demeter/1/stable/1999447309.js?ver=6.8.3
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.136.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-136-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9c25edb0aa9bb48fb163715c26ae4404039ed8d54300f0ca7751daaede48654

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

vary: accept-encoding
cache-control: max-age=900, stale-while-revalidate=86400
content-encoding: br
etag: W/"cfc4e888f06263d769747438bc1e0e2f"
x-amz-version-id: kN6ASZreHmuuYMiBEWProFiO1zV9Klt.
age: 0
via: 1.1 8027798dc40af04392a940303e0fc516.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: NUZa_QMmPwaDzex3z5ObSFU0D3AVwyjkb530qsw3hLkr6ZYAKuQoIw==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/javascript
last-modified: Fri, 07 Nov 2025 22:01:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 script.js Show response
m869.presstelegram.com/ 154 KB
45 KB 78ms
15ms Script
text/javascript 18.66.147.118
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://m869.presstelegram.com/script.js

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-118.fra60.r.cloudfront.net

Software

- /

Resource Hash

8e335d8dc8b456daadec6760d17009f150e44968eb59210adfba6fd23aa1da07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

x-robots-tag: noindex, nofollow
content-encoding: gzip
etag: 68f398ad5fbbcb62a2398606ea700998
age: 161
x-permitted-cross-domain-policies: master-only
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:20:48 GMT
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
x-amz-cf-id: HYJiWDMNcinQoU79npSRPA8Ti7hezSUWKCUToRfjfMjfvcBvcEGV5w==
date: Sun, 09 Nov 2025 22:10:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 09 Nov 2025 22:10:16 GMT
strict-transport-security: max-age=63072000
cache-control: public, no-cache="Set-Cookie", max-age=600
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
content-length: 45743
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA60-P4
server: -

GET
H2 200 / Show response
preprod.presstelegram.com/_static/ 570 KB
110 KB 29ms
28ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/_static/??-eJytjEEOwiAQRS8kTDRpqwvjwiN4AgoIgzAlnaFeX5aauDKu/s9L3oNnVXYh8SRQcwtIDO5elHGqLK5/ZIHEECPna/T2oQuSTryDL2KhoBwG5DYzsBhB+8G0qTV7PTdyfX6OrB1lf4tm/VvLbG+pSznvp/EwjNPpOKQXEo1sAA==

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f29e3282e0913f53add57b73e3f60697db0a1e73a33137b78ed1bef74466a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
accept-ranges: bytes
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Sat, 08 Nov 2025 02:13:05 GMT

GET
H2 200 EXC-L-REALID-1011.jpg
preprod.presstelegram.com/wp-content/uploads/2025/03/ 32 KB
32 KB 33ms
33ms Image
image/webp 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2025/03/EXC-L-REALID-1011.jpg?w=622

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7286a766a8ad98d1a79fb79bddacd935350c699e86d3491a8b745ec19afb21a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2
etag: "4329eda2ae9332c7"
x-bytes-saved: 115588
access-control-allow-methods: GET, HEAD
accept-ranges: bytes, bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 32506
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: image/webp
vary: Accept
server: nginx
last-modified: Tue, 04 Nov 2025 17:41:47 GMT

GET
H2 200 EXC-L-REALID-1011.jpg
preprod.presstelegram.com/wp-content/uploads/2025/03/ 61 KB
61 KB 28ms
27ms Image
image/webp 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2025/03/EXC-L-REALID-1011.jpg?w=940

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

18ffc75ba1d0ba2b0601063e80bef558ffe81ca439a01284fb19e10baf572dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2
etag: "734db52ea9d04e1d"
x-bytes-saved: 85704
access-control-allow-methods: GET, HEAD
accept-ranges: bytes, bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 62390
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: image/webp
vary: Accept
server: nginx
last-modified: Tue, 04 Nov 2025 17:41:47 GMT

GET
H2 200 OCR-L-MOTHER-0321-01.jpg
preprod.presstelegram.com/wp-content/uploads/2025/03/ 3 KB
3 KB 9ms
9ms Image
image/webp 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2025/03/OCR-L-MOTHER-0321-01.jpg?w=305

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f5dfc4fd27ec2ab791cd3bf994454542d05f7a798854306d3de82d97f76b0ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2
etag: "c14e021cb5456f6e"
x-bytes-saved: 144311
access-control-allow-methods: GET, HEAD
accept-ranges: bytes, bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 3010
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: image/webp
vary: Accept
server: nginx
last-modified: Tue, 04 Nov 2025 17:41:47 GMT

GET
H2 200 LPT-L-KIWANIS-0322-01.jpg
preprod.presstelegram.com/wp-content/uploads/2025/03/ 8 KB
8 KB 9ms
7ms Image
image/webp 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2025/03/LPT-L-KIWANIS-0322-01.jpg?w=233

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90b1b7ae664603d1a34fe99a66ea838160c71e0bb00006dd67e3883110d505a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2
etag: "8c3c44710ed20795"
x-bytes-saved: 52699
access-control-allow-methods: GET, HEAD
accept-ranges: bytes, bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 8212
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/webp
vary: Accept
server: nginx
last-modified: Tue, 04 Nov 2025 17:41:49 GMT

GET
H2 200 LPT-L-PET-FOSTER-0127-05.jpg
preprod.presstelegram.com/wp-content/uploads/2024/06/ 11 KB
11 KB 12ms
11ms Image
image/webp 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2024/06/LPT-L-PET-FOSTER-0127-05.jpg?w=258

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

567e5497158f9dd308454ab878d68afffc2c138d068768b2a6c9bac55b604c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2
etag: "58f3103506e6f788"
x-bytes-saved: 638231
access-control-allow-methods: GET, HEAD
accept-ranges: bytes, bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 11256
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/webp
vary: Accept
server: nginx
last-modified: Tue, 04 Nov 2025 17:41:49 GMT

GET
H2 200 Immigration_Crackdown_Detaining_Tourists_92908.jpg
preprod.presstelegram.com/wp-content/uploads/2025/03/ 5 KB
5 KB 19ms
17ms Image
image/webp 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2025/03/Immigration_Crackdown_Detaining_Tourists_92908.jpg?w=258

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d469a76a055b5fca1566d30dead7bdea46a7c97379411e2ae32b7cb27d2e6773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2
etag: "fdceff16ce9e7a10"
x-bytes-saved: 162880
access-control-allow-methods: GET, HEAD
accept-ranges: bytes, bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 4662
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/webp
vary: Accept
server: nginx
last-modified: Tue, 04 Nov 2025 17:41:49 GMT

GET
H2 200 lbpt_viewEedition_jan2025-v2.png
preprod.presstelegram.com/wp-content/uploads/2025/01/ 162 KB
162 KB 15ms
14ms Image
image/webp 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2025/01/lbpt_viewEedition_jan2025-v2.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

061160fbe245fa724d8d902c3f6cb7ddfe6636d9bca59debfe3cfe1c6d60d682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2
etag: "f535eaf7065f5c2d"
x-bytes-saved: 80994
access-control-allow-methods: GET, HEAD
accept-ranges: bytes, bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 165638
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/webp
vary: Accept
server: nginx
last-modified: Tue, 04 Nov 2025 17:41:49 GMT

GET
H2 200 southern-california-news-group-logo.svg
preprod.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/ 14 KB
5 KB 18ms
17ms Image
image/svg+xml 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/southern-california-news-group-logo.svg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f1ba99b9e447f01ed7ec46c6ad3c39b0530a03e25630ae191bcf988d907d93bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"67e1934e-38ee"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 17:15:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 skyline-logo.svg
preprod.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/ 2 KB
1 KB 13ms
12ms Image
image/svg+xml 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/skyline-logo.svg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3f81d41e3fc7c67c69d1ed06acbb4da5f05e3d8302401e6a2122e6be68722338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"67e1934e-75c"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 17:15:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 dfm-logo.svg
preprod.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/ 7 KB
2 KB 13ms
12ms Image
image/svg+xml 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://preprod.presstelegram.com/wp-content/themes/wp-mason/static/images/site-logo/dfm-logo.svg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8aa3120988ba45a5f184fc74f7329051d6fdd3ec15adf58ddea94f5ed12264e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"67e1934e-1c89"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 17:15:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 style.css
preprod.presstelegram.com/wp-content/mu-plugins/jetpack-15.1/modules/widgets/top-posts/ 2 KB
854 B 17ms
16ms Stylesheet
text/css 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/mu-plugins/jetpack-15.1/modules/widgets/top-posts/style.css?m=1762462882g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1212f923fdc00c65dc824310596698c9db8fad050bccd15892bcbaa02ffc26ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"690d0ca2-6ab"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: text/css
last-modified: Thu, 06 Nov 2025 21:01:22 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 / Show response
preprod.presstelegram.com/_static/ 23 KB
10 KB 15ms
14ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/_static/??-eJyVj8EKwjAQRH/IdlGw1YN49eJHhCQ2W5Pd0N0o9utNBUEPHjzOMI+ZgXtuLJN6UtDgkxeoTjLCBKJG0cIowGKIG1tEObWjrOCDyrEMSAKJhiZoBIeiC1P1SeOZnbQJ6ReVAyvTBWOEmyfHE2S0Wia/WP+B0cwPwdl/9SHZWFx9VRe9lgXm6ztxTId13222Xb/fbccnBwFjuA==

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ed4c962cc273cedf6fb8550b3a486ad3de75fe6852351afdf4e295a297305c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
accept-ranges: bytes
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Sat, 08 Nov 2025 02:13:05 GMT

GET
H2 200 i18n.min.js Show response
preprod.presstelegram.com/wp-includes/js/dist/ 9 KB
4 KB 12ms
11ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"68dc2096-23b5"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
last-modified: Tue, 30 Sep 2025 18:25:26 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 loader.js Show response
preprod.presstelegram.com/wp-content/mu-plugins/wp-parsely-3.21/build/ 3 KB
2 KB 10ms
10ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/mu-plugins/wp-parsely-3.21/build/loader.js?m=1762462883g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c68a175d033ffefaac61551455eb8d56d0f9756c8fe19f80beb48a695fdec85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"690d0ca3-c26"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
last-modified: Thu, 06 Nov 2025 21:01:23 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 p.js Show response
cdn.parsely.com/keys/presstelegram.com/ 59 KB
22 KB 46ms
7ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL: https://cdn.parsely.com/keys/presstelegram.com/p.js?ver=3.21.1
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 13ec9e71cd5cb9f61eafb49f6ba899334c97a846ae0d892e83d0fd3009c28bae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age=300, must-revalidate
content-encoding: gzip
x-rq: hhn2
etag: W/"66e46817-eb5c"
pragma: public
expires: Mon, 10 Nov 2025 00:35:59 GMT
accept-ranges: bytes
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
last-modified: Fri, 13 Sep 2024 16:28:07 GMT
server: nginx

GET
H2 200 ads.js Show response
preprod.presstelegram.com/wp-content/themes/wp-mason/static/js/ 87 B
385 B 10ms
10ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2 0 40 9980
etag: "690ea731-57"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 87
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
last-modified: Sat, 08 Nov 2025 02:13:05 GMT
server: nginx

GET
H2 200 / Show response
preprod.presstelegram.com/_static/ 73 KB
21 KB 9ms
8ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/_static/??-eJyVzkEKwkAMheELOQ0W2upCxKPETlpTJpPSpBVvb1EXLkR09/jhgwfXMbSanbKDX0jIAM3IDczRuYXBYNR06zglK4RzMdgGfkBCaPNEceHzhNm/0LUImuY3nLTXwNIHdJ8+0THNPWeD2EnAGETjutn8iTGeHnf+lVbmhSPpyx3lsG3qsqqb/a4a7sxBbhU=

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

061e22397b9fb506de1fb3d9f78e5693f9c84de8b43b55d5bf3ae7eacd8c7831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
accept-ranges: bytes
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Sat, 08 Nov 2025 02:13:05 GMT

GET
H2 200 mng-cache-control-adminbar.js Show response
preprod.presstelegram.com/wp-content/plugins/mng-cache-control/Src/assets/dist/ 3 KB
1 KB 14ms
14ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/plugins/mng-cache-control/Src/assets/dist/mng-cache-control-adminbar.js?ver=0.2.1

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

93526c655d53809dc35ccb4532bf18c73ade17e215cb17a3695c8baf17c2ffe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"69010983-dca"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
last-modified: Tue, 28 Oct 2025 18:20:51 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 e-202545.js Show response
stats.wp.com/ 4 KB
2 KB 40ms
17ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL: https://stats.wp.com/e-202545.js
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2abd616c43c16e7a2d01f1f1c761d6c12acf4b2ed9a9a411289ee3bb5a681ffe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age=31536000
a8c-edge-cache: cache
content-encoding: br
x-nc: HIT -
etag: W/7134-1748959716663.3035
x-minify: t
x-minify-cache: hit
access-control-allow-methods: GET, HEAD
expires: Mon, 02 Nov 2026 12:52:20 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 172 KB
46 KB 411ms
349ms Script
application/javascript 54.192.35.109
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=6.8.3
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.35.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-35-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 309f6d5473c7202c7bddef2bde5040f80a9b152b1114dfe3cd246ebfaef2d62d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=300
content-encoding: gzip
etag: W/"ebb6b596755efc382ba611676cf798a4"
via: 1.1 173e1f9e40c2df572d404097afea2570.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: BhC1YBwX7JTNoQyDzlkpUAH6WpG1zNNBHg-v2EnGA3AHKiZJoAEqgA==
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: application/javascript
last-modified: Wed, 05 Nov 2025 01:35:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P15
x-amz-server-side-encryption: AES256

GET
H2 200 get.js Show response
cdn.cityspark.com/wid/ 2 KB
3 KB 354ms
58ms Script
application/x-javascript 188.240.13.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to

Full URL

https://cdn.cityspark.com/wid/get.js?ver=6.8.3

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f21c4265854b78ebfd30e7fecee48ab178a601f9d4c8ba0fdd09a163b1bad039

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: PctZAz5r4f31wMwbLJb/Ew==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DD2077910A7A04
expires: Tue, 11 Nov 2025 22:13:29 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/x-javascript
last-modified: Thu, 19 Dec 2024 21:53:26 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 0da716e3-701e-0043-3c3d-32dbed000000
access-control-allow-origin: *
content-length: 2476
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET 08cbe34d-009f-455c-b029-f39e5f45ae71
https://preprod.presstelegram.com/ 0
0

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
21 KB 248ms
32ms Script
application/x-javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-lastmodified,Content-Type,Cache-Control,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/x-javascript
vary: Accept-Encoding
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
cache-control: public, max-age=1800
x-ms-meta-lastmodified: 2020-10-01 19:31:04
x-ms-request-id: 32a97741-901e-001b-13bf-51fedc000000
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
x-azure-ref: 20251109T221330Z-15df64f47759268khC1FRA3x240000000eng000000003era

GET
H2 200 loader-config.json Show response
loader-config.presstelegram.com/prod/dfm/ 3 KB
1 KB 98ms
14ms Fetch
application/json 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://loader-config.presstelegram.com/prod/dfm/loader-config.json
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.6.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e8cddf210fe0f51472143048578cbfa5e096fe443071a9569fccc7062d897689

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

x-azure-ref: 20251109T221330Z-16f77b7fcffbfz4shC1FRAhdc80000000b4g000000000xpk
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 82013e72-c01e-005c-1460-4fa2e6000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
x-ms-blob-type: BlockBlob
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 14 Oct 2025 12:20:24 GMT

GET
H2 200 session Show response
session.presstelegram.com/api/ 112 B
280 B 687ms
333ms XHR
application/json 52.89.186.140
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://session.presstelegram.com/api/session
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/_static/??-eJyl0MEKwjAMBuAXcg0K2/QgXn2NbitdSpMVkzIf3+hFPLqdAiH/x09gLc24sAZWKLlGZAHi2EwYUeogIOoVx5+dI4/shspTDi7JAbYYFuDw1L2MHaPmQDZlr1Xx7t/A4x/IiwQVSEYuZUYgr7MJZB/a2uMDfTvc6Hrsu1Pb9Zdzm14LfaNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.186.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-186-140.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://preprod.presstelegram.com/

Response headers

access-control-allow-origin: https://preprod.presstelegram.com
content-length: 112
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-credentials: true

POST 1099
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

GET
H3 200 connatix.player.js Show response
cd.connatix.com/ Frame 723B 2 KB
1 KB 76ms
45ms Script
application/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cd.connatix.com/connatix.player.js
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1af8041dd5747424115a0cb84849fa9cf2ea8dbd1f78f91db840952221be78ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: br
cf-ray: 99c0a85eff731c2e-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 712 KB
192 KB 59ms
36ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ae3f71d6ed13c69994e7758983403b5c4640747d2f6769f17bceeb2089ab490d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: zstd
expires: Sun, 09 Nov 2025 22:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 09 Nov 2025 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 196415
x-xss-protection: 0
server: Google Tag Manager

POST 1099
digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/ 0
0

GET
H2 200 embed Show response
flo.uri.sh/visualisation/21260796/ Frame 61E5 352 KB
108 KB 199ms
123ms Document
text/html 104.18.43.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://flo.uri.sh/visualisation/21260796/embed
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.42 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e27e2d39764147705fc04731353d4a62ea222cf3171484e7f401f99fe98a167d

Request headers

Referer: https://preprod.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age: 951245
cache-control: max-age=0
cf-cache-status: HIT
cf-ray: 99c0a85f593b5d96-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 09 Nov 2025 22:13:30 GMT
last-modified: Wed, 29 Oct 2025 20:49:20 GMT
server: cloudflare
vary: Accept-Encoding
x-amz-id-2: wR3jlGutb8vwQdRsAOc9oWXTvb4TIjTxzkRpQYpY2Rz0uzBE0c6V5Bk31m2vR+ee1YgZURe02I4wldBhpT7J+NXQb4fHyK1yBJdp6g3o2oY=
x-amz-request-id: 5TY6AX50NB3S3563
x-amz-version-id: ktUFTvCCcDsTZlbVcz8eIzWbe6MVB4Re

GET
H2 200 long_beach_press-telegram_black-392x40.svg
preprod.presstelegram.com/wp-content/uploads/2017/09/ 9 KB
0 1ms
1ms Image
image/svg+xml 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL: https://preprod.presstelegram.com/wp-content/uploads/2017/09/long_beach_press-telegram_black-392x40.svg
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 34554cca1d68d1c952b6d12bc418b6a8cb251850675186c1d408fb63ae201110

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2
etag: W/"0214146f1bfe8417"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: nginx
last-modified: Fri, 22 Sep 2017 17:24:53 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5eac55e658e4745b0e1eea667eaf816ac56afadbfcb8035065500515ce53f59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 32 KB
32 KB Font
font/truetype

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e64ec1cf402dd6b4994e1f3b1b96d699a9e1abd2369046f83547068adea6b959

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer

Response headers

Content-Type: font/truetype

GET
H3 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v42/ 35 KB
35 KB 116ms
84ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%2C800%7CNoto+Serif%3A400%2C400i%2C700%2C700i%2C800&display=swap&ver=6.8.3

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

51ca196f49a33e79e7870ff88ebd2829a3f627a51e7d690986618f0e7ad2b52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://fonts.googleapis.com/

Response headers

age: 482749
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 04 Nov 2026 08:07:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 04 Nov 2025 08:07:41 GMT
last-modified: Wed, 10 Sep 2025 16:23:35 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35820
x-xss-protection: 0
server: sffe

GET
H3 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v33/ 36 KB
36 KB 86ms
55ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v33/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%2C800%7CNoto+Serif%3A400%2C400i%2C700%2C700i%2C800&display=swap&ver=6.8.3

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

46281456234014ceb2a79bff447245de0f76b8d803be0738972ed374c3206c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://fonts.googleapis.com/

Response headers

age: 483508
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 04 Nov 2026 07:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 04 Nov 2025 07:55:02 GMT
last-modified: Fri, 05 Sep 2025 21:49:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36756
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 80ms
49ms Font
font/woff2 151.101.129.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Response headers

access-control-expose-headers: *
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
age: 1618116
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: font/woff2
x-served-by: cache-fra-eddf8230070-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 90528
x-jsd-version: 1.5.0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 269ms
29ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1762726410116&plid=966781b4-0f83-48da-94ea-df22952b70e8&idsite=presstelegram.com&url=https%3A%2F%2Fpreprod.presstelegram.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fpreprod.presstelegram.com%2F&sref=&sts=1762726410114&slts=0&title=Long+Beach+Press-Telegram%3A+Local+News%2C+Sports%2C+Things+to+Do&date=Sun+Nov+09+2025+23%3A13%3A30+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&action=pageview&pvid=de939558-7a1f-44f3-9bf2-47e44d5358ac&u=pid%3D8a3b7f50-725b-4e0a-b5e2-0c77ed0534ba
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

Cache-Control: no-cache
Content-Length: 43
Date: Sun, 09 Nov 2025 22:13:30 GMT
Content-Type: image/gif
Last-Modified: Sunday, 09-Nov-2025 22:13:30 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 common-async.chunk.min.js Show response
preprod.presstelegram.com/wp-content/themes/assets/static/js/ 49 KB
6 KB 29ms
29ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

655a100ff41899945662f890510f4600495cce34b1b459c26542558734398170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"690ea731-c53d"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript
last-modified: Sat, 08 Nov 2025 02:13:05 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 measuredvibrant-async.chunk.min.js Show response
preprod.presstelegram.com/wp-content/themes/assets/static/js/ 3 KB
2 KB 100ms
100ms Script
application/javascript 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21c5a20ddfca46a1ee9708a9b57ee32631dea0d583ee4deeac7fca24b5e0d3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
content-encoding: br
x-rq: hhn2 0 40 9980
etag: W/"690ea731-cdc"
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript
last-modified: Sat, 08 Nov 2025 02:13:05 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 fp.min.js Show response
fp.presstelegram.com/prod/dfm/ 66 KB
23 KB 189ms
17ms Script
text/plain 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://fp.presstelegram.com/prod/dfm/fp.min.js?2025109
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a42d23041e2015412a733cd348ac0c3a11639ad490f4ac018e4557098cd8ea00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://preprod.presstelegram.com/

Response headers

x-azure-ref: 20251109T221330Z-15df64f47755v4rthC1FRAdwkn00000001w000000000dxrp
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 08e10685-801e-00a9-1885-5136cc000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
x-ms-blob-type: BlockBlob
content-type: text/plain
vary: Accept-Encoding
last-modified: Wed, 15 Oct 2025 07:49:49 GMT

GET
H2 200 g2i.min.js Show response
g2i.presstelegram.com/prod/dfm/ 227 KB
228 KB 835ms
664ms Script
text/plain 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://g2i.presstelegram.com/prod/dfm/g2i.min.js?2025109
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b1c0a646f80d98fef1d4bace9299c0c11a955079030218f3683a1e50f09138cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age= 604800
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Cache-Control,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE0BB22BB456B1
x-fd-int-roxy-purgeid: 4
x-ms-request-id: 24f1e0d4-f01e-0025-6cc6-515ec2000000
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 232895
date: Sun, 09 Nov 2025 22:13:30 GMT
last-modified: Wed, 15 Oct 2025 06:14:59 GMT
x-ms-blob-type: BlockBlob
x-azure-ref: 20251109T221330Z-15df64f4775hphw9hC1FRAhpa00000000cv000000000baqn

GET
H2 200 t8y9347t.min.js Show response
engage.presstelegram.com/prod/dfm/ 1 MB
1 MB 848ms
677ms Script
text/plain 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://engage.presstelegram.com/prod/dfm/t8y9347t.min.js?2025109
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56047ab9429daa4a4e6c53d43315e73ffded1a10e58695f0d6974db779694771

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age= 604800
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Cache-Control,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE0BB2A05DF757
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 47a5980a-e01e-0074-30c6-51c34e000000
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 1568578
date: Sun, 09 Nov 2025 22:13:30 GMT
last-modified: Wed, 15 Oct 2025 06:18:15 GMT
x-ms-blob-type: BlockBlob
x-azure-ref: 20251109T221330Z-16f77b7fcfft69bshC1FRArkyc0000000bcg00000000armw

GET
H2 200 t8y9347t.min.css
engage.presstelegram.com/prod/dfm/ 407 KB
408 KB 833ms
663ms Stylesheet
text/plain 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://engage.presstelegram.com/prod/dfm/t8y9347t.min.css?2025109
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 71fb999d0fd8958daeeb9c08a0e50456daff03dbb27f1d4d1bb75e859b7826da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age= 604800
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Cache-Control,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE0BB2A05D0D17
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 4f661e3f-901e-007e-31c6-5167f9000000
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 416475
date: Sun, 09 Nov 2025 22:13:30 GMT
last-modified: Wed, 15 Oct 2025 06:18:15 GMT
x-ms-blob-type: BlockBlob
x-azure-ref: 20251109T221330Z-15df64f4775rdhwqhC1FRAzu5c0000000g9g000000003a6x

GET
H2 200 11272.jsx Show response
cdn-p.cityspark.com/wid/ 70 KB
23 KB 180ms
32ms Script
application/json 188.240.13.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to

Full URL

https://cdn-p.cityspark.com/wid/11272.jsx?b=587575470&on=aHR0cHM6Ly9wcmVwcm9kLnByZXNzdGVsZWdyYW0uY29tLw==&callback=jsonp11272

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

77833aea253203e3d692a2484f8c2366662c3faf9fc2ae28b296fe3d43b8055c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
content-encoding: gzip
expires: Mon, 10 Nov 2025 00:13:30 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-cdn-host-id: DS8140,DS9225

GET
H3 200 elLoader.js Show response
cds.connatix.com/p/2146273620/ Frame 723B 4 KB
2 KB 112ms
85ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/2146273620/elLoader.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4cb818d568c7007eb3e47494470ed0fd9495596448c34b8da18f31a68e2e4c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "7acf7bafe02a166498d8d647bada6db8"
x-amz-version-id: .bxQtsF64UPoKVnAoCxhhDPQL9xoBePK
access-control-allow-methods: *
expires: Mon, 09 Nov 2026 22:13:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/javascript
last-modified: Fri, 07 Nov 2025 14:39:23 GMT
x-amz-expiration: expiry-date="Wed, 27 May 2026 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
vary: Accept-Encoding
access-control-allow-headers: range
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
timing-allow-origin: *
cf-ray: 99c0a85f9fe01c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1251
server: cloudflare
use-as-dictionary: match="/p/*/elLoader.js", id="2146273620-elLoader.js"

GET
H3 200 / Show response
cmp.osano.com/ Frame EEBC 5 KB
1 KB 123ms
36ms Document
text/html 18.245.31.112
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-112.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0dcefa0b117fa5dc44eefa92d2bf221f3455b29354cc940f144bb268100fc116

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://preprod.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age: 41097
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Sun, 09 Nov 2025 10:48:34 GMT
etag: W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified: Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: accept-encoding Origin
via: 1.1 fbd2b51fce9ee4f3aa7b93dbbda3d698.cloudfront.net (CloudFront)
x-amz-cf-id: ai_oH7uzR_IPAifKZvf7MaxQ6khcXUtiHiRA1shzMZbOgFdep_580w==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 de.json
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ Frame 0
0 190ms
102ms Preflight 18.245.31.35
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-35.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://preprod.presstelegram.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 09 Nov 2025 22:13:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via: 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
x-amz-cf-id: tp6XZuHB2lepPHfsg1sY60W6a8wxn05UR9S85SU-5LpB19rHYkzHVQ==
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 osano-ui.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 105 KB
26 KB 86ms
86ms Script
application/javascript 18.245.31.35
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano-ui.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-35.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b720a1732fd37822bb011bbbeadcd7afb5b7ae85e5f1f512162264a51a2f3082

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
x-amz-version-id: HpnU1BayUkXWN_HfZg8DR8nRqKaz0Kc_
etag: W/"b587c1f825a3c9f4c75fb362ab5c1576"
age: 71995
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: RNKuPDr8_WH47Y18s8t9E5nUub1umglmOPgt5nb4oRKZ4IDHA4gZAg==
date: Sun, 09 Nov 2025 07:02:41 GMT
content-type: application/javascript
vary: accept-encoding, Origin
last-modified: Wed, 29 Oct 2025 20:36:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 af3799c72ed879abb7633a4c3e57502e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 de.json Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 35 KB
11 KB 9ms
8ms XHR
application/json 18.245.31.35
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/de.json

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-35.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f77b0c9930b3716e49e3b96aaee9c65529cd709128b5d98a7b799f141c3a2246

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://preprod.presstelegram.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

access-control-max-age: 86400
content-encoding: br
x-amz-version-id: qMYhBqyHhjQctdRVDvRHOXBkWBUrUw_Z
etag: W/"838a533c7e177335c46d84ceaa235563"
age: 68722
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: vzQcNk_45969qwxKxP60ZMGB0wX1jV26DT-XRXMH4izvJYddTGhzqg==
date: Sun, 09 Nov 2025 03:08:09 GMT
content-type: application/json
vary: accept-encoding
last-modified: Wed, 29 Oct 2025 20:36:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=86400, no-transform, public
referrer-policy: strict-origin-when-cross-origin
via: 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 35ms
28ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=138894983&post=0&tz=-8&srv=preprod.presstelegram.com&arch_home=1&hp=vip&j=1%3A15.1.1&host=preprod.presstelegram.com&ref=&fcp=0&rand=0.3250141342333248
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: no-cache
access-control-allow-origin: *
content-length: 50
alt-svc: h3=":443"; ma=86400
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/gif
server: nginx

GET 080f7c6a-4b0c-4153-9be4-8b6f11944d54
https://preprod.presstelegram.com/ 0
0

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 172 KB
0 290ms
290ms Script
application/javascript 54.192.35.109
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=eVG4zdTtv5ogBcGVQlE2BFCc8f4Hc1wJFW3k&ver=6.8.3
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.35.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-35-109.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 309f6d5473c7202c7bddef2bde5040f80a9b152b1114dfe3cd246ebfaef2d62d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=300
content-encoding: gzip
etag: W/"ebb6b596755efc382ba611676cf798a4"
via: 1.1 173e1f9e40c2df572d404097afea2570.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: BhC1YBwX7JTNoQyDzlkpUAH6WpG1zNNBHg-v2EnGA3AHKiZJoAEqgA==
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: application/javascript
last-modified: Wed, 05 Nov 2025 01:35:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P15
x-amz-server-side-encryption: AES256

GET
H2 200 style.css
flo.uri.sh/template/79177/v10/static/ Frame 61E5 3 KB
1 KB 35ms
35ms Stylesheet
text/css 104.18.43.42
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://flo.uri.sh/template/79177/v10/static/style.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/21260796/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.42 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4d41405a91e392ca581607a1267581ecd08372786ae34e6f66b19fc0bdc292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/visualisation/21260796/embed

Response headers

cache-control: max-age=31536000, immutable
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: qpPECG0byv6ODNF2nRLp94Y9mFy7Q1aL
etag: W/"bb0c2990cbf7bb80f27edc980467aaba"
age: 923985
x-amz-request-id: 1K2D1JARE2ENZ4Q1
cf-ray: 99c0a8606a3b5d96-FRA
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/css
last-modified: Mon, 10 Feb 2025 12:40:22 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: +10LAo9zysSnsWBo9QciglRXUJ2TjSH2yJ2vQrjdlUmdR6/FPhCCgQxplYeVBoOQtpwup4gQlFY=

GET
H3 200 connatix.player.js Show response
cds.connatix.com/p/2146273620/ Frame 723B 445 KB
111 KB 29ms
18ms Script
text/javascript 104.18.41.104
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cds.connatix.com/p/2146273620/connatix.player.js
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/2146273620/elLoader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.41.104 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b53e61fb1b23a90820f05f4730a76dbbc835ba254eeb7f4cffff0675434e8ce7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: "3857003e2597f63fdce02b0daf4b68a0"
x-amz-version-id: xuNnkdI1LsgkmdircGLfAP7AF4Grb.WB
access-control-allow-methods: *
expires: Mon, 09 Nov 2026 22:13:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/javascript
last-modified: Fri, 07 Nov 2025 14:39:23 GMT
x-amz-expiration: expiry-date="Wed, 27 May 2026 00:00:00 GMT", rule-id="Auto delete after 6 months"
priority: u=3,i=?0
vary: Accept-Encoding
access-control-allow-headers: range
x-amz-replication-status: FAILED
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
timing-allow-origin: *
cf-ray: 99c0a86089d35010-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 113012
server: cloudflare
use-as-dictionary: match="/p/*/connatix.player.js", id="2146273620-connatix.player.js"

GET
H2 200 embedded.js Show response
public.flourish.studio/resources/v3/ Frame 61E5 33 KB
13 KB 62ms
16ms Script
application/javascript 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://public.flourish.studio/resources/v3/embedded.js
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/21260796/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f82a19cb170738bc742075566150217df797ca3d0c875a7b3fc703f8fde521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: KPYimlQX8OqZ7NBsZ.5VloyP_9a0C4Lo
etag: W/"e8839f9a6c374951f911af25f3fc0b45"
age: 172
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Is7jvgN89h2Q43qHTfRUeiMRpE-rw0iEZi5yEsAoVZ9GvYak9hDZ9Q==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 31 Oct 2025 14:58:21 GMT
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=14400
via: 1.1 73fd3e6328cf8c076faabc9aa6581730.cloudfront.net (CloudFront)
cf-ray: 99c0a860ce6218d2-FRA
access-control-allow-origin: *
x-amz-cf-pop: WAW51-P6
server: cloudflare

GET
H3 200 / Show response
cmp.osano.com/ Frame 8B0C 5 KB
0 0ms
0ms Document
text/html 18.245.31.112
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.245.31.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-112.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0dcefa0b117fa5dc44eefa92d2bf221f3455b29354cc940f144bb268100fc116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://preprod.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age: 41097
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Sun, 09 Nov 2025 10:48:34 GMT
etag: W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified: Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
vary: accept-encoding Origin
via: 1.1 fbd2b51fce9ee4f3aa7b93dbbda3d698.cloudfront.net (CloudFront)
x-amz-cf-id: ai_oH7uzR_IPAifKZvf7MaxQ6khcXUtiHiRA1shzMZbOgFdep_580w==
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256
x-amz-version-id: IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 canva-sans.css
public.flourish.studio/resources/fonts/ Frame 61E5 1 KB
607 B 23ms
22ms Stylesheet
text/css 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://public.flourish.studio/resources/fonts/canva-sans.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/21260796/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a4627883a5b19b5f81e4c048a6a2009dfdc1382e1445174974cafbe2a1d3c59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: S1V38r4PBK2_SW9EJ32Jw.jrh6rFW4G4
etag: W/"b73126cdad842c2e962450ba3e1ba76b"
age: 69348
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 22:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 19HGFBS-xSthdEDivDZ0bVA8w3OQWaygAZwKK3n1n_ocLFvPir9TcQ==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/css
last-modified: Fri, 27 Sep 2024 12:03:53 GMT
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=86400
via: 1.1 4a600188e2d2e6c09bb42256619d65cc.cloudfront.net (CloudFront)
cf-ray: 99c0a8618ef218d2-FRA
access-control-allow-origin: *
x-amz-cf-pop: HEL51-P6
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ Frame 61E5 5 KB
1 KB 48ms
24ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/21260796/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

8bce6a937391e5dff18b68877137fcc549b93417cf62c805814a6596e3fd4744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 09 Nov 2025 21:43:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 33ms
17ms Fetch
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?frm=0&en=page_view&dl=https%3A%2F%2Fpreprod.presstelegram.com%2F&scrsrc=www.googletagmanager.com&rnd=240901887.1762726411&navt=n&npa=1&us_privacy=1---&gdpr=1&gdpr_consent=CQann8AQann8AEXtHBDECCEgAAAAAEPgAAYgAAAPjgHAAcABAACQAFQANAAmABoAEIAI4AVoBAACDgLzAfGAAAAA&gtm=45He5b50v71194413za200zd71194413xea&gcs=G10-&gcd=13m3l3m2m5l1&dma_cps=-&dma=1&tcfd=14n4b&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115583767~115938466~115938468~116217636~116217638&tft=1762726410540&tfd=1274&apve=1&apvf=f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

GET
H2 200 script.js Show response
cdn.listrakbi.com/scripts/ 246 KB
39 KB 94ms
53ms Script
text/javascript 172.64.146.207
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=AUjk900vfCG0&v=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.207 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71cc22d62f84961505f62c6b3f3c01de05bd127e5735173998af5d8c2eeba0d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: no-store
cdn-cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: HIT
age: 17144
cf-ray: 99c0a8623b9e3aa4-FRA
x-cache-date: 2025-11-09T22:13:30.635Z
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 09 Nov 2025 17:27:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 225 KB
57 KB 170ms
148ms Script
application/javascript 104.19.220.32
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=5546
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.220.32 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b2ca87106a42f7abe3e25811d964541ff15c0d7bb40af06d4cb9e4940105dac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
x-response-time: 13ms
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
x-served-by: haproxy06.cl13.ovh.mrf.io
last-modified: Sun, 09 Nov 2025 22:13:30 GMT
priority: u=1,i=?0
cache-control: max-age=1800
timing-allow-origin: *
x-envoy-upstream-service-time: 20
cf-ray: 99c0a8622d9e9763-FRA
access-control-allow-origin: *
content-length: 58030
server: cloudflare

GET
H2 204 render Show response
marfeelexperimentsexperienceengine.mrf.io/experimentsexperience/ 0
302 B 131ms
65ms Script
application/javascript 91.134.60.137
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL: https://marfeelexperimentsexperienceengine.mrf.io/experimentsexperience/render?siteId=5546&url=https%3A%2F%2Fpreprod.presstelegram.com%2F&experimentType=HeadlineAB&lang=es&version=esnext
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.60.137 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy04.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age=180, must-revalidate
x-envoy-upstream-service-time: 2
access-control-allow-origin: https://preprod.presstelegram.com
date: Sun, 09 Nov 2025 22:13:29 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
server: istio-envoy
x-served-by: haproxy04.cl13.ovh.mrf.io

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 124ms
67ms Image
text/plain 108.139.243.57
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1762726410550&ns_c=UTF-8&c8=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&c7=https%3A%2F%2Fpreprod.presstelegram.com%2F&c9=
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-243-57.mxp63.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

via: 1.1 fbd0ff69760f3a4dd26b4ffb73d9ba5c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: RAfYdciLc2QACCYCshoS17JwiKTK5x7nfGw53I4iouVQSjQ5euOa6w==
date: Sun, 09 Nov 2025 22:13:30 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MXP63-P3

GET 3487f9e6-3a27-4d5e-8bce-f6ee1e8a702a
https://preprod.presstelegram.com/ 0
0

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/5a20/ Frame F553 3 KB
2 KB 29ms
9ms Document
text/html 142.250.184.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/5a20/sw_iframe.html?origin=https%3A%2F%2Fpreprod.presstelegram.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

sffe /

Resource Hash

2ada301d803d8f4b2ba210c9c57091378255ed54b96e4236a9e2ce587a2a4035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 113225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1486
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Nov 2025 14:46:25 GMT
expires: Sun, 08 Nov 2026 14:46:25 GMT
last-modified: Thu, 02 Oct 2025 09:08:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 CanvaSans-VF.woff
public.flourish.studio/resources/fonts/canva-sans-variable/WOFF/ Frame 61E5 40 KB
40 KB 39ms
17ms Font
application/font-woff 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://public.flourish.studio/resources/fonts/canva-sans-variable/WOFF/CanvaSans-VF.woff
Requested by: Host: public.flourish.studio
URL: https://public.flourish.studio/resources/fonts/canva-sans.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceb167e215cbb04758af6564d8759c52ec3b39467048ffddcc0b6eff69ccd3d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://flo.uri.sh
Referer: https://public.flourish.studio/resources/fonts/canva-sans.css

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: vQCnACghPkmGSUxJCvUTfARH65mmQklR
etag: W/"19217102d331aabbffd934f72f5ede00"
age: 60241
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 22:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: Mjt_Gu2MlIEiKdk9wnIgQqXU3E7eDsrWlWWiZCLLGieJ1wy5q9dO1Q==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/font-woff
last-modified: Fri, 27 Sep 2024 12:03:53 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=86400
via: 1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront)
cf-ray: 99c0a8624a1a4d97-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
server: cloudflare

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ Frame 61E5 15 KB
15 KB 28ms
13ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://flo.uri.sh
Referer: https://fonts.googleapis.com/

Response headers

age: 483738
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 04 Nov 2026 07:51:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 04 Nov 2025 07:51:12 GMT
last-modified: Wed, 10 Sep 2025 16:47:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14868
x-xss-protection: 0
server: sffe

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v23/ Frame 61E5 14 KB
14 KB 24ms
8ms Font
font/woff2 216.58.206.35
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v23/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f3.1e100.net

Software

sffe /

Resource Hash

06b675a649489d21b7fd33f19b1c6d37e8bd778ded07ecfec26bbc8f11e694f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://flo.uri.sh
Referer: https://fonts.googleapis.com/

Response headers

age: 482843
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 04 Nov 2026 08:06:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 04 Nov 2025 08:06:07 GMT
last-modified: Wed, 10 Sep 2025 16:43:54 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14724
x-xss-protection: 0
server: sffe

GET
H3 200 aaw.empowerlocal_c.js Show response
cdn.adapex.io/hb/ 504 KB
155 KB 43ms
17ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.empowerlocal_c.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92888d6cd797daf905042769dfe8cf506825811e18fdac882b5441536bb0e5f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "690998f8-7e063"
age: 56267
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HenJrXPDMFN4RAhU3yMdPFAoZ9gd29IsDb1a61%2F08P7hCHfjP7D1oCUmwftiQM8haVysaaAWB1h9uuXKoDb%2BzVL%2F41ecZZ8Nk990UqA%3D"}]}
expires: Mon, 10 Nov 2025 06:12:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript
last-modified: Tue, 04 Nov 2025 06:11:04 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: public, max-age=86400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 99c0a8625db6d40e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8944 369 KB
130 KB 58ms
56ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

66b50d0e69e1c6adeb3e52125a15f87f8f3fadabb92a2192de7d2f1e45bf7047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sun, 09 Nov 2025 22:13:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133318
date: Sun, 09 Nov 2025 22:13:30 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 WidgetTemplate.min.css
cdn-p.cityspark.com/cdn/widget/ Frame 8944 9 KB
3 KB 13ms
12ms Stylesheet
text/css 188.240.13.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to

Full URL

https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=6

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js?ver=6.8.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5737e1c0fc3597f0e9814f3ad3de666f6e7d80ffffe12e75e601f12b408c12d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
content-encoding: gzip
etag: "1dc4a925a9a31ec"
expires: Mon, 10 Nov 2025 00:13:30 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/css
last-modified: Fri, 31 Oct 2025 18:15:36 GMT
server: Microsoft-IIS/10.0
x-cdn-host-id: DS8140,DS9225
x-powered-by: ASP.NET

GET
H2 200 angular.min.js Show response
cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/ Frame 8944 233 KB
81 KB 11ms
10ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js?ver=6.8.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"3a3d1-mQhO7M4PisJK9aOZxo7KSLWf0fo"
age: 257454
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230176-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 82403

GET
H2 200 widgetcombined2.min.js Show response
cdn-p.cityspark.com/cdn/widget/ Frame 8944 7 KB
4 KB 18ms
17ms Script
text/javascript 188.240.13.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to

Full URL

https://cdn-p.cityspark.com/cdn/widget/widgetcombined2.min.js?v=11

Requested by

Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js?ver=6.8.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
content-encoding: gzip
etag: "1dc4a925a9a0fb1"
expires: Mon, 10 Nov 2025 00:13:30 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/javascript
last-modified: Fri, 31 Oct 2025 18:15:36 GMT
server: Microsoft-IIS/10.0
x-cdn-host-id: DS8140,DS9225
x-powered-by: ASP.NET

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 424 KB
144 KB 23ms
23ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7KQJL1F9N1&cx=c&gtm=4e5b50

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9dfd16a6747a06c4bc76ea3ecf9993a45a00b67a9769b37b00633a72c3500ce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Sun, 09 Nov 2025 22:13:30 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146885
date: Sun, 09 Nov 2025 22:13:30 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET 85b8d0c3-eba6-40a5-a127-9eb084b59daa
https://preprod.presstelegram.com/ 0
0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
34 KB 44ms
23ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

bbdaaa50ee01c331f7d2dfdcfb57cebd61bf05b78f49b390f6882896210daac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: br
etag: 413 / 20401 / m202511040101 / config-hash: 853804471933052373
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34818
x-xss-protection: 0
server: cafe

GET
H2 200 op.js Show response
tagan.adlightning.com/mng-trib/ 20 KB
9 KB 46ms
15ms Script
application/javascript 65.8.131.100
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tagan.adlightning.com/mng-trib/op.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.131.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-131-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1e723af99ffd849974a90e9b6a0acd722ad003a95078a121a07a9110cf06e37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
x-amz-version-id: Jg.NTyOk4saCp8JrpM1vqs_hUPxDHAuN
etag: "75b425e5e4ba2bac6ce3f88b78276a36"
age: 16
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: oE5v8tM3FHwYmQTDgwZ6Xq0Yh3SkxIbAx4BPUvZANBjuQhqtu6KDFw==
date: Sun, 09 Nov 2025 22:13:24 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Sun, 09 Nov 2025 20:32:23 GMT
cache-control: max-age=1800
via: 1.1 62adf6efa9de9ec639541ac293f53aa0.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8870
x-amz-meta-git_commit: b94ff10
x-amz-cf-pop: FRA60-P13
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 344 KB
88 KB 50ms
16ms Script
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 350ec21950432989b52dbe6975ecaf21700d060b295d09291ed9d89c2f1213b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"804c4a53ad229f1e20c5f5bd3df92746"
age: 664
via: 1.1 94bd75b95472ec61935815aa61472392.cloudfront.net (CloudFront), 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: NruH42tfujmd9BDS8Qp0eYkb1PfBBXQ6v1Dy82f97XvUyvbymqNplw==
date: Sun, 09 Nov 2025 22:02:27 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P14, FRA56-P6
server: AmazonS3
last-modified: Thu, 06 Nov 2025 21:45:04 GMT
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ Frame 8944 297 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 icomoon.woff
cdn-p.cityspark.com/cdn/widget/fonts/ Frame 8944 2 KB
2 KB 32ms
10ms Font
application/font-woff 188.240.13.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to

Full URL

https://cdn-p.cityspark.com/cdn/widget/fonts/icomoon.woff?-35bf

Requested by

Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=6

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
etag: "1dc4a925a9a13dc"
expires: Mon, 10 Nov 2025 00:13:30 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-length: 2012
date: Sun, 09 Nov 2025 22:13:30 GMT
accept-ranges: bytes
content-type: application/font-woff
last-modified: Fri, 31 Oct 2025 18:15:36 GMT
server: Microsoft-IIS/10.0
x-cdn-host-id: DS8140,DS9225
x-powered-by: ASP.NET

GET
H2 200 ajax-loader.gif
cdn-p.cityspark.com/cdn/widget/ Frame 8944 4 KB
4 KB 11ms
11ms Image
image/gif 188.240.13.1
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn-p.cityspark.com/cdn/widget/ajax-loader.gif

Requested by

Host: cdn-p.cityspark.com
URL: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://cdn-p.cityspark.com/cdn/widget/WidgetTemplate.min.css?v=6

Response headers

strict-transport-security: max-age=0
cache-control: max-age=7200
etag: "1dc4a925a9a0452"
expires: Mon, 10 Nov 2025 00:13:30 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-length: 4178
date: Sun, 09 Nov 2025 22:13:30 GMT
accept-ranges: bytes
content-type: image/gif
last-modified: Fri, 31 Oct 2025 18:15:36 GMT
server: Microsoft-IIS/10.0
x-cdn-host-id: DS8140,DS9225
x-powered-by: ASP.NET

GET
DATA 200
OK truncated
/ Frame 8944 1 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6596973158664281184740637fe2448c051900dfdb9becfe91eaf49f847f4c16

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 aa62cf0c-f277-4aa9-b327-5fb98339cd6d.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 118 KB
119 KB 53ms
13ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/aa62cf0c-f277-4aa9-b327-5fb98339cd6d.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

58031370c4fb1dd57a8034739c87dc5d01b9450628771cb11a98833e1f369d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: Nrz4f69S037rZ6/q9mhpNw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D099B39D747AB1
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Fri, 18 Oct 2013 00:53:37 GMT
x-cdn-host-id: ds6321,DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 54008c5d-d01e-0017-6816-a494ba000000
access-control-allow-origin: *
content-length: 120876
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 Pe0Svco0QEGlvTCyNpROeg.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 14 KB
14 KB 72ms
32ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/Pe0Svco0QEGlvTCyNpROeg.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

9846fd1f87a805011a249768b445e5c6cd432ea137d7993657150b0e3c9c199c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: DdGvXe8BxSir4apXDKMRIw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE125272E9882F
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Thu, 23 Oct 2025 16:37:25 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: c9161c63-e01e-001c-4d64-4c6fd1000000
access-control-allow-origin: *
content-length: 14146
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 Q89UC6BB7kWULBVeE8qPRg.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 158 KB
159 KB 72ms
33ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/Q89UC6BB7kWULBVeE8qPRg.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

57c62fbb170f13fbc815defe6f9b78f6a1295816c05b2904967e41b797caacdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: N+93KTZZrs+QvLdMnUX+Hg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DDE1EAF7E56193
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Sat, 23 Aug 2025 02:15:45 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 4c4a2e0d-801e-001a-0b3e-515c6e000000
access-control-allow-origin: *
content-length: 162257
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 f026a7e8-0d9e-4cde-9208-3008a128e7f8.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 49 KB
50 KB 72ms
33ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/f026a7e8-0d9e-4cde-9208-3008a128e7f8.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

41197c7776ce34b7dac6b76ade42cf4a93d81a76248b1f18fd6447b957e14312

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: G8jdWSqhAPeMoDbEgxroIw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D4D1DA33A07790
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Sun, 23 Jul 2017 14:50:46 GMT
x-cdn-host-id: DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 4bbf502e-301e-007d-0563-284c92000000
access-control-allow-origin: *
content-length: 50547
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 6b3f73da-f7d6-4611-8cf9-80eaed3a23bd.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 98 KB
99 KB 72ms
33ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/6b3f73da-f7d6-4611-8cf9-80eaed3a23bd.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

fe84baf06dbe2a5acad027f0918e8857ae277eb4d8c56c28654477c32e001475

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: /QbhGXyTi7lHebLWa6ZSQg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D13B6B93128617
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Sun, 11 May 2014 20:06:05 GMT
x-cdn-host-id: ds6321,DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 25b85ecc-401e-0067-6e13-932d4d000000
access-control-allow-origin: *
content-length: 100621
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 Fd9wD07CU0ul3FIVDdQiXA.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 117 KB
118 KB 73ms
34ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/Fd9wD07CU0ul3FIVDdQiXA.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

87ed298254d63809205135bdafa57eb5c73d9b67e4a13a0c017c1b7b15445571

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: j53Bt6mj6PZ2v8ledSzg4A==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE1EF82D60D7BD
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Sat, 08 Nov 2025 18:53:59 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 6151fe84-b01e-0001-1c48-51626d000000
access-control-allow-origin: *
content-length: 120112
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 3Og181cPvkKxt7P3MrDaWg.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 23 KB
23 KB 13ms
12ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/3Og181cPvkKxt7P3MrDaWg.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f4531452d3505fc6c0c886eaf6d79aa3af695b9f83d9d0d389b17636ade9b8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: NCyRVfkU1+2lNA6XEpwIXg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE1AF4E4906B4C
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Mon, 03 Nov 2025 16:20:24 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: f84e261b-601e-003d-5aa9-4f4baa000000
access-control-allow-origin: *
content-length: 23271
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 kwqELRffk0uwfKVpW0G41w.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 180 KB
180 KB 14ms
13ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/kwqELRffk0uwfKVpW0G41w.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

67a776da171e0d9378b619c15b0f5f82763f747d2b25dfb757f0a9693df25c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: 9DQwzjkQhYDaZSsH8oxEkQ==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE1312A353665F
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Fri, 24 Oct 2025 15:33:10 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 072a81fb-701e-0021-5f78-5019ca000000
access-control-allow-origin: *
content-length: 184204
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 mw7YC8gseU2Tn51Bjd8bPA.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 40 KB
40 KB 20ms
19ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/mw7YC8gseU2Tn51Bjd8bPA.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f0ac30a82412c03f509ad4eddbffa48a061a6935d14e0abbe6af65360b2f18df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: GHZQmqbDi7U/POP01Sdf7Q==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE1B3714A9F139
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Nov 2025 00:14:11 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 6d732621-001e-0082-452c-4e7c0f000000
access-control-allow-origin: *
content-length: 40653
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 7FwVixq9ykSnmQhyqGPQgw.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 24 KB
24 KB 21ms
20ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/7FwVixq9ykSnmQhyqGPQgw.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

a077144bbdfbf1d8caaecfc8efe9b54b75d3e973754a85e156cedfe8b3468e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: 4VIYRmtIsxnhELUMHdGh8Q==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DDE4D609E8C9C6
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Tue, 26 Aug 2025 19:23:29 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 87a371a0-201e-0013-75ba-4f19bd000000
access-control-allow-origin: *
content-length: 24622
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 qLyJvO1NMkSAIMZ8-nZPOw.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 62 KB
62 KB 22ms
21ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/qLyJvO1NMkSAIMZ8-nZPOw.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d4d8323a23def3b63d0f9b4b088f64859a13b38c06ceb61dd5dd912d21c285b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: 7S5LKZ6jQKMnqb7/gIU3Yg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE16C0B445E8A4
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Wed, 29 Oct 2025 07:56:44 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 9016c800-701e-000e-6050-511401000000
access-control-allow-origin: *
content-length: 63494
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 B3gPUk9kHEqtFBAmA9LoIQ.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 25 KB
25 KB 23ms
22ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/B3gPUk9kHEqtFBAmA9LoIQ.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

ae518112939e965630dcee927343f8946b68c9e5763ca70e54ddaa759b417f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: PPcodsTQ8RWCdZ2BDvQfGg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE0FFCAE602B4C
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Mon, 20 Oct 2025 17:18:26 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: a2fc8739-701e-0053-799e-4f1e85000000
access-control-allow-origin: *
content-length: 25189
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 81b8ac86-9575-4bf0-a8e3-7382ef984a0f.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 138 KB
138 KB 24ms
23ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/81b8ac86-9575-4bf0-a8e3-7382ef984a0f.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

6c1e865ee34b8c4a738f3ead1190213fa4dda5ae85287e74ad27949e243af89d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: gWISnTgV4tmxn95kKWe/WA==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D099ADF2DA839B
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Fri, 18 Oct 2013 00:13:04 GMT
x-cdn-host-id: DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: aff9d944-501e-006b-1a66-28ba45000000
access-control-allow-origin: *
content-length: 141125
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 LmQJDYphwUurRom1tOOENg.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 26 KB
26 KB 26ms
25ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/LmQJDYphwUurRom1tOOENg.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

12ae8f475b55804a817ce84f674be39f365baa0f2970051d31caba9228cd0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: oAafUOl+UVcsVGEMvcHeQw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE173AC7ED855A
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Wed, 29 Oct 2025 22:30:36 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 3b0cf05f-d01e-0081-06f7-509d6b000000
access-control-allow-origin: *
content-length: 26452
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 u2FUDhCVyk-9xPAI1SwLJg.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 137 KB
138 KB 27ms
26ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/u2FUDhCVyk-9xPAI1SwLJg.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

b5dc2ce56a8ac2dd002fa28a52e8a923ba628a3d361fe02ae958471186a69e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: 8DwhjcLq/Sk8RXhpL1k2TQ==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DBD7323D419141
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Fri, 27 Oct 2023 21:18:17 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: dbb399d1-601e-0070-16ca-4e8446000000
access-control-allow-origin: *
content-length: 140255
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 C5erq8z9-Ee6nvfqx7hMJw.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 46 KB
47 KB 32ms
31ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/C5erq8z9-Ee6nvfqx7hMJw.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

58c9bc08ff36fcb9be8b63956634ca0dabf6bdca71bef5cf325f06fe995f8fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: Bd23FNlsU+0TRw057aIH6A==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DDEB2DC7D0D682
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Wed, 03 Sep 2025 21:06:41 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 6bfa531b-101e-0008-32b5-5127be000000
access-control-allow-origin: *
content-length: 47423
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 XNM3PoDB-0a-_VSFj1yHuA.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 40 KB
41 KB 33ms
32ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/XNM3PoDB-0a-_VSFj1yHuA.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

93c97f824fc2420620eb61d2165ce7c61a03028597936382e00512abf05235cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: 0hmuB5tJ9vzElJ5tMQHXhQ==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE118F279D240F
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Wed, 22 Oct 2025 17:19:27 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 9d64eb52-301e-0020-3f42-514616000000
access-control-allow-origin: *
content-length: 41117
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 wtPUGDVGNkWkq7NLAdwfmg.medium.jpg
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 37 KB
37 KB 34ms
33ms Image
application/octet-stream 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/wtPUGDVGNkWkq7NLAdwfmg.medium.jpg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

a3f9707a30673939378e46f85784294639d4646f4b62a67073ced76114ba0db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: hZZfU92FEtPTJpMijEliGg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DE01F5E4E21BAB
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/octet-stream
last-modified: Thu, 02 Oct 2025 20:54:35 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 46c1adbe-901e-0064-09b5-51cc29000000
access-control-allow-origin: *
content-length: 37650
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 lEUmFGUoNEq021pX58VklQ.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 21 KB
21 KB 219ms
218ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/lEUmFGUoNEq021pX58VklQ.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

fdfb2b0bc29df361e537d1abcaa3ed1ed32d12b86279aac800d378b82bc38ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: JbhZJTSeU2Ic5KRR4AoN1g==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DDF00C4FBCB6C1
expires: Tue, 11 Nov 2025 22:13:31 GMT
x-proxy-cache: MISS
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: image/png
last-modified: Wed, 10 Sep 2025 01:49:42 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: 12807b2d-e01e-0023-26ad-51a772000000
access-control-allow-origin: *
content-length: 21223
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 Y25RYal8VEKPu1rdnSVpyA.medium.png
cdn59755463.blazingcdn.net/portalimages/portalimages/ Frame 8944 224 KB
224 KB 35ms
34ms Image
image/png 188.240.13.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to Show image

Full URL

https://cdn59755463.blazingcdn.net/portalimages/portalimages/Y25RYal8VEKPu1rdnSVpyA.medium.png

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.240.13.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

547b8825f3c974f2f758a25e47cf5098cbb58e857e6b8fc50c7ac47d5cbe2187

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-md5: r+/mQZVrVCdATanxqAyhxg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DDF00C4E8F3841
expires: Tue, 11 Nov 2025 22:13:30 GMT
x-proxy-cache: HIT
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
last-modified: Wed, 10 Sep 2025 01:49:40 GMT
x-cdn-host-id: DS8139,DS9225
strict-transport-security: max-age=0
cache-control: max-age=172800
x-ms-request-id: bce46d53-701e-0021-5aad-5119ca000000
access-control-allow-origin: *
content-length: 229144
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 session Show response
session.presstelegram.com/api/ 112 B
279 B 240ms
240ms XHR
application/json 52.89.186.140
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://session.presstelegram.com/api/session
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/_static/??-eJyl0MEKwjAMBuAXcg0K2/QgXn2NbitdSpMVkzIf3+hFPLqdAiH/x09gLc24sAZWKLlGZAHi2EwYUeogIOoVx5+dI4/shspTDi7JAbYYFuDw1L2MHaPmQDZlr1Xx7t/A4x/IiwQVSEYuZUYgr7MJZB/a2uMDfTvc6Hrsu1Pb9Zdzm14LfaNO
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.186.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-186-140.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://preprod.presstelegram.com/

Response headers

access-control-allow-origin: https://preprod.presstelegram.com
content-length: 112
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/m0u3gGFkvHc/ Frame 61E5 62 KB
62 KB 100ms
63ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/m0u3gGFkvHc/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLDhKs8NIDPrv_CemjvWM5WMOK1Yyg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

11405219d4697495f7a90da69545692eeeb7064044be5cec7b23c737250bfb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1761695979"
age: 3677
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 23:12:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 21:12:13 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 63661
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/CyvqEiQ0sm8/ Frame 61E5 63 KB
63 KB 235ms
200ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/CyvqEiQ0sm8/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLAsGiTYm9W0QbGGKgBjZ5Acgx-k5w

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

9033ef5674a2abb19e4b593f3ce0985be9d0df91c5a062365b17f1c555c30cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1760890119"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 64281
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/S5Ba8u1_mVI/ Frame 61E5 59 KB
59 KB 118ms
83ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/S5Ba8u1_mVI/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLDXD97mm1jsNw7fIlCUeXPro8X7RQ

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

30ded6783a90452509f44e170db5f61fcf2ec34d17d504b56c0ad83e943dbac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1760660266"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 59938
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/gl4oH3uY0mo/ Frame 61E5 52 KB
52 KB 245ms
210ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/gl4oH3uY0mo/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLDmgPDbPaSdZexhE1BAU-1_6kgKZw

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

a344274dbd78d432fbdb112458b48e7a9e02e8fb3bca7228d6c3cb3528698d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1759950754"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 52739
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/X9HR08Qg3aM/ Frame 61E5 22 KB
23 KB 177ms
142ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/X9HR08Qg3aM/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLB8-5cwlEXxfqC-NmgPiIJUNGkQ5g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

021420b2ee7be1424fd323c65ed537c8116d164c8bea879d905ff1220a4c23b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1758851254"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 22955
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/cSt1Sy5HBHg/ Frame 61E5 62 KB
62 KB 113ms
77ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/cSt1Sy5HBHg/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLAhC-UyX8vC0rA-Q86xnBfFwSzWoA

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

4c52f8663e425ce3a63bda863088a595d9e3842e1a139165d3804c1a96a655c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1757037340"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 63743
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/WjoQ6oVsXPI/ Frame 61E5 50 KB
50 KB 81ms
51ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/WjoQ6oVsXPI/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLCGLskc1KkcEEhs2c5eU3R3lfvLug

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

034d24d2cfb13338a7fb5aecff72baf6ad30132a033f82e16aa899ee4028a1c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1756942450"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 51173
x-xss-protection: 0
server: sffe

GET
H2 200 oar2.jpg
i.ytimg.com/vi/0O8FhV25BKk/ Frame 61E5 18 KB
18 KB 51ms
21ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/0O8FhV25BKk/oar2.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLD8YgES3np1HKiNwsnc3l5VoJZQ3w

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

8d8dae6da6d2e3ad368d4adbf20b92fef9ec3375382e2b02f21ab419454c5883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "0"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 18136
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/fxKneOUVeXg/ Frame 61E5 45 KB
46 KB 87ms
58ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/fxKneOUVeXg/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLCV9MVy3vLuRv_lN0E70LBqbtRCsw

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

7a2af62530efdefa141a3e551e9b807f8fa682ce989965e63ac011570d0af2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1752622982"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 46501
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/-2pR7ZQbqPs/ Frame 61E5 43 KB
43 KB 184ms
155ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/-2pR7ZQbqPs/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLCTJptLDBAWJ-VryLfWKTGUHdtd4g

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

2fd675ff7e925089e757f6e50f08052dbe48d4fad393e85e30bcd224a6e7806c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1752396351"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 44282
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/HY4xkgGyu9g/ Frame 61E5 56 KB
56 KB 223ms
193ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/HY4xkgGyu9g/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLB8OMxx-Xl-ZeRnp4bDy6MlGh_NIA

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

fd16b7eb849a06813ac6ff4d777359f2e7a8c06e7bb7310e95b69fb1f15436cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1752533072"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 57179
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/HwoRGPq7lig/ Frame 61E5 49 KB
49 KB 228ms
198ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/HwoRGPq7lig/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLBRIrFusZ1LZaO2gjyMV7mTYBvZoQ

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

aecf9bdf8d820acedd2fc970f17c745fa923042596c36357333842925f288fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1751406098"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 49678
x-xss-protection: 0
server: sffe

GET
H2 200 26b87ab0-5a9f-4319-b355-959afd0372a0.png
public.flourish.studio/uploads/2440962/ Frame 61E5 3 MB
0 23ms
19ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/26b87ab0-5a9f-4319-b355-959afd0372a0.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: WbLwBjm4F2poSmERXtkPDOeRYRtlCm4y
etag: "3cfc4f61590cc5aaca4a4a5457a24ea8"
age: 2469
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: JYbSCQXxaWgUk6ZWi8L6HcmiTJ7geRniUquVtervtfid_n__hbkg4A==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 15 Jun 2025 00:11:06 GMT
cache-control: public, max-age=14400
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
cf-ray: 99c0a863683518d2-FRA
access-control-allow-origin: *
content-length: 10826957
x-amz-cf-pop: OSL50-P1
server: cloudflare

GET
H2 200 bc7c95bd-576e-4770-8f48-35fd22e8b2ca.jpg
public.flourish.studio/uploads/2440962/ Frame 61E5 268 KB
268 KB 24ms
20ms Image
image/jpeg 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/bc7c95bd-576e-4770-8f48-35fd22e8b2ca.jpg
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c23465a21dc20ca5105a9a0411bd5aa712b6dad3fa4b933546bdf0dcfdd5951d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: yLahhxKorqH_WTRil4BjA0R9phbbcaab
etag: "2f6df75ba40d1c24f87ef45d6fd681f4"
age: 4141
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: l8bQKXMWhDKxxRds9BmtnXToBiDehiAFRqAy1jsRCkfMu8TstZikIg==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/jpeg
content-disposition: attachment
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Thu, 12 Jun 2025 20:29:55 GMT
cache-control: public, max-age=14400
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
cf-ray: 99c0a863683718d2-FRA
access-control-allow-origin: *
content-length: 273939
x-amz-cf-pop: OSL50-P1
server: cloudflare

GET
H2 200 2dfcd2d9-b415-47fe-a952-eed439c9a264.png
public.flourish.studio/uploads/2440962/ Frame 61E5 3 MB
0 85ms
81ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/2dfcd2d9-b415-47fe-a952-eed439c9a264.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: ql2RZmA_cOmIbYKXTLrs1LSXsqpeBoU3
etag: "51e7172fcf06dc0573a830d1513a1ef7"
age: 2470
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: RqSe3jCDNrnNmDtqHtIb8tzdM0_lK2M04fNZ-GS1ZivLVi6FOfiGCA==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 12 Jun 2025 22:21:04 GMT
cache-control: public, max-age=14400
via: 1.1 a518e760e3385fe7d3149dc8d96ced80.cloudfront.net (CloudFront)
cf-ray: 99c0a863783e18d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5211114
x-amz-cf-pop: BAH52-P1
server: cloudflare

GET
H2 200 d6866fb4-757f-44f8-8f6a-9737dac747b7.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 431ms
427ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/d6866fb4-757f-44f8-8f6a-9737dac747b7.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: REVALIDATED
x-amz-version-id: xhWXFmnzUONJCDaCLHih49iwwmdz9IGZ
etag: "4d8bcb5762b6e8df55152f8789c06713"
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: aqg3SxpoeycaEefbfT8PbSNEs_8dooEMMKHncDVS_PEYvIPlWDH1jQ==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Thu, 12 Jun 2025 22:22:26 GMT
cache-control: public, max-age=14400
via: 1.1 301faf3f65621d2ccd9fad88788c128a.cloudfront.net (CloudFront)
cf-ray: 99c0a863783f18d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11152480
x-amz-cf-pop: ARN56-P1
server: cloudflare

GET
H2 200 bfbbf9ac-3186-425d-a360-a534248b34e1.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 296ms
293ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/bfbbf9ac-3186-425d-a360-a534248b34e1.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: REVALIDATED
x-amz-version-id: M2MijcTIpZxzSAxKF49H7mI3JTTAhKSM
etag: "5fc5ec2fe4d48cb8d5cdf7d7e872df5b"
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: 1xGCBaqYTylN79Q1PGwok2uqxWRcySwUvIgmLFjei2nob2XbC0b72w==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 12 Jun 2025 22:21:56 GMT
cache-control: public, max-age=14400
via: 1.1 e398192cbf3033799f300d7d727655d0.cloudfront.net (CloudFront)
cf-ray: 99c0a863784118d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10531609
x-amz-cf-pop: DXB53-P1
server: cloudflare

GET
H2 200 1e5f5bd3-0a85-43d9-846b-df852dc1c777.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 162ms
159ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/1e5f5bd3-0a85-43d9-846b-df852dc1c777.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: PlLYmiNHh3DL8XZ8OIg7vM8JlQ5l4SSo
etag: "35338b80becdce71a29fbca287f0e131"
age: 2469
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Ig02GCl2EOmR4dS6uFVwuUuBGS1Ga8dQkC269S9-k9y34RpCN4tqDg==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 12 Jun 2025 22:23:01 GMT
cache-control: public, max-age=14400
via: 1.1 451dbf0c4b9432494b69933368eb09a8.cloudfront.net (CloudFront)
cf-ray: 99c0a863784218d2-FRA
access-control-allow-origin: *
content-length: 6017098
x-amz-cf-pop: FRA56-P13
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/Kn7yFC17Pzo/ Frame 61E5 36 KB
37 KB 173ms
143ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/Kn7yFC17Pzo/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLBHr0B89PMLHFn20ZPkwGJLECKapA

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

2e365b77c849e5c99e4b3ad4567057b3d89fdcd8766989a1ae737d7b624c1dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1747876063"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 37287
x-xss-protection: 0
server: sffe

GET
H2 200 65075d0c-eada-4c0d-b985-85c5ed89f602.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 389ms
386ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/65075d0c-eada-4c0d-b985-85c5ed89f602.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: REVALIDATED
x-amz-version-id: 4Sdm7p4o36H3ViRbYe8rQhywOEc6a7w6
etag: "0c30c6633e47c9c0c9eadc7c3f630f91"
age: 52938
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 778_moCKgETXZCUhROCXg1SLnWm8I6iG_4oaeKsr9a4WBgtWSb7P6g==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Tue, 27 May 2025 22:32:29 GMT
cache-control: public, max-age=14400
via: 1.1 cb67ab2ecd69029ff52ff7bdcef2f6e0.cloudfront.net (CloudFront)
cf-ray: 99c0a863784318d2-FRA
access-control-allow-origin: *
content-length: 2179395
x-amz-cf-pop: SOF50-P1
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/7xNkewhsuyo/ Frame 61E5 32 KB
32 KB 135ms
105ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/7xNkewhsuyo/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLCwCUw3rUo-PXG273nv9r3-fIEBlw

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

1642bed6e0dcc566ba5c27bef15225bee455d146350b9a5a7bff2e4bb525c3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1746903487"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 32998
x-xss-protection: 0
server: sffe

GET
H2 200 oar2.jpg
i.ytimg.com/vi/SsihIuM_FGk/ Frame 61E5 13 KB
13 KB 63ms
33ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/SsihIuM_FGk/oar2.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLDLi3W6m0OA-P6hU2jMn3Djyk2IKg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

9c9d204b9d6df098abbbd2608b86e7a3a715c0e22002c01be8ead0b25de4a1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "0"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 13416
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/8QXDQT9TegE/ Frame 61E5 29 KB
29 KB 183ms
153ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/8QXDQT9TegE/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLCbOlj20lbaDjP3RywUCCA8ycxYOA

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

f12b25b46a0b921760a14d2c567fed884bad518224e3d5de8ef6fe734eb3a706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1746399707"
age: 4140
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 23:04:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 21:04:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 29540
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/P5R9F5dal5A/ Frame 61E5 32 KB
33 KB 176ms
146ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/P5R9F5dal5A/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLBhFQ85vD0UexvG2uZVYLDnblXF4A

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

38e239b28bb4d4d5c2d042051a405e452e37260c8078cc54c890fd355f7dc6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1746141445"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 33276
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/jMuhIxo60dA/ Frame 61E5 35 KB
35 KB 115ms
86ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/jMuhIxo60dA/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLBNd-O1_CQR8hbM5EqhFNQY7aBuAw

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

54cf63c84f6217ccb34b4e5d85f100621b89222dead17d167a7c94eabc85e6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1745735698"
age: 5625
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:39:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:39:45 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 35461
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/Hx2Wvh755Rc/ Frame 61E5 45 KB
46 KB 248ms
218ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/Hx2Wvh755Rc/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLB6J4Bqn8f2K4AIPVb5up2h9qHhKg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

994053be31701f2690f72b6272156839f4658cdc6baa800989f0915bd9e72e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1745799392"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 46547
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/QZc2nGdjSfI/ Frame 61E5 58 KB
58 KB 187ms
156ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/QZc2nGdjSfI/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLDYCUq72GRylIA8KsczMkXJyIRRdg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

b52284f9e5a84b45669fd91a447c44a5d9de9eafb4099a50339b8472f4b274f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1744661370"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 59066
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/KWcTNEmn9t0/ Frame 61E5 61 KB
61 KB 195ms
166ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/KWcTNEmn9t0/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLDaS7CuJv9JYSYqA15ac5nWm8CYFA

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

c692f985566bf35bb634ee97c27df19e481cde3c90d5381167026e93a97638ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1744407042"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 62634
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/a05fP9RkbHU/ Frame 61E5 41 KB
41 KB 70ms
39ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/a05fP9RkbHU/oardefault.jpg?sqp=-oaymwEoCJYDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLBv5ithr-QwLWEyHwfgA27VAefo4w

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

2decafc5cf4294748ddce0a03f26da5ac3b6e7457ffff77366c6418972223fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1744147455"
age: 4140
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 23:04:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 21:04:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 42122
x-xss-protection: 0
server: sffe

GET
H2 200 9dadcd6d-7428-419c-a02e-f1498d7cc533.jpg
public.flourish.studio/uploads/2440962/ Frame 61E5 161 KB
162 KB 173ms
169ms Image
image/jpeg 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/9dadcd6d-7428-419c-a02e-f1498d7cc533.jpg
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e80de1843f75ef01d74ba38b8848cd214b3a9a9b3f1d1e744d8b2550dd3e5e9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: 1LmrnqnKJvhbXwRnz7SaCEMp77.0HSHO
etag: "1542d1567fdccd32b343357ba46ce855"
age: 1374
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Yg2E9jP0WCuO4GcqVbxbnzTBX6kKjK8dP8XFwJe8qyVtDsWxvACLSQ==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/jpeg
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 28 Mar 2025 15:38:06 GMT
cache-control: public, max-age=14400
via: 1.1 584ccb16a19abf8b0f7eb7449c4025a0.cloudfront.net (CloudFront)
cf-ray: 99c0a863785318d2-FRA
access-control-allow-origin: *
content-length: 165350
x-amz-cf-pop: WAW51-P6
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/Vs8Asl-PVNA/ Frame 61E5 27 KB
27 KB 211ms
182ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/Vs8Asl-PVNA/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLA-oikDRPAacR-iHATRfNrWak06yQ

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

d6fea580c3b7b818a29c50faa7b0289362d6fd47f9d0773027da496a725cd308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1742938457"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 27589
x-xss-protection: 0
server: sffe

GET
H2 200 2784b3b6-fa4a-4bba-b8a6-b398cceff288.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 235ms
231ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/2784b3b6-fa4a-4bba-b8a6-b398cceff288.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: 5iYgJbXMx2bYICA.PAMKo.lFLywH_DVa
etag: "ec56487dfda25ab3753e3ef8bd1a8b22"
age: 2469
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: h8sDwfhymHB-eZJn9-iHJxZJPDSzMkFOhihyg7fvkCSKrSVPAWQM_Q==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 21 Mar 2025 17:31:20 GMT
cache-control: public, max-age=14400
via: 1.1 56706a0e74c90535106878a6a2f1475c.cloudfront.net (CloudFront)
cf-ray: 99c0a863784818d2-FRA
access-control-allow-origin: *
content-length: 9441960
x-amz-cf-pop: TLV50-C2
server: cloudflare

GET
H2 200 272a282a-d9ec-421d-9ba0-efdfe4a66352.png
public.flourish.studio/uploads/2440962/ Frame 61E5 1 MB
1 MB 202ms
199ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/272a282a-d9ec-421d-9ba0-efdfe4a66352.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87dc4cd6fed71feb6ef061545810d93914709e26e986ae3a18acc8b924dcc649

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: 0dBt8jsbuZH5yzSy8QC.znQZHPoHZ3hy
etag: "f772b9c386b8e225623cabaee5fa660d"
age: 2470
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: 7IMYce71WvwDahkSmk5nEdCHueBMXDsP5oEZe2Mb5C9ijkooz4wsrA==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 18 Mar 2025 23:21:14 GMT
cache-control: public, max-age=14400
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
cf-ray: 99c0a863784918d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1219025
x-amz-cf-pop: OSL50-P1
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/CkdTsbN4QWw/ Frame 61E5 35 KB
35 KB 201ms
172ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/CkdTsbN4QWw/oardefault.jpg?sqp=-oaymwEoCJYDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLCJkY9V8DzJotpkGgafxGn8nEkepQ

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

0aa42ccc6a173286bc7101886231b163807f9a00ae8fce0f5c1de562430f64a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1742259501"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 35664
x-xss-protection: 0
server: sffe

GET
H2 200 d131a303-cae0-4bfd-b1b8-cdd79fbdba0d.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 359ms
356ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/d131a303-cae0-4bfd-b1b8-cdd79fbdba0d.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: REVALIDATED
x-amz-version-id: NOkARY1EPy5s4bxXeb3edtQI_XzFpi3K
etag: "bc9a25bcbc339afc3e882bad0a2669a2"
age: 280
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 74RO8LWjz_XNxealiHrL1INP7enittnc7I1SYgtM18s5UKNeJ4xo3g==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 15 Mar 2025 22:33:08 GMT
cache-control: public, max-age=14400
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
cf-ray: 99c0a863785918d2-FRA
access-control-allow-origin: *
content-length: 4182163
x-amz-cf-pop: OSL50-P1
server: cloudflare

GET
H2 200 368ebf22-39c1-4278-be89-42a014beac47.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 227ms
225ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/368ebf22-39c1-4278-be89-42a014beac47.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: tbg5OjCymQKjiljD1ImchjctdbOhIAbR
etag: "e4631ed89785c5d0210e3ebb5ebe559f"
age: 2469
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 029wnu6j6SOkBSV8KZ6B2iz-mQSq4f5HL7GOH07JTR7lk4BaZol-yw==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 15 Mar 2025 22:32:14 GMT
cache-control: public, max-age=14400
via: 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
cf-ray: 99c0a863785118d2-FRA
access-control-allow-origin: *
content-length: 3484468
x-amz-cf-pop: AMS54-C1
server: cloudflare

GET
H2 200 28b85c5d-f49c-4fb9-a0c5-afea22a09b82.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 162ms
159ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/28b85c5d-f49c-4fb9-a0c5-afea22a09b82.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: nzpK9nWEGxR4EZRwB0N5Ct5xeYlOtFXh
etag: "3e5f3a17d9485f6955823efe7d3bf17f"
age: 2469
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: -ZXo3xHz8AoHDEEAilSwwkMGqcms9x9J2zgKdbEU1xQyaOnTy1eTrw==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 07 Mar 2025 00:35:54 GMT
cache-control: public, max-age=14400
via: 1.1 953ec33235d719831a6e6956b5e5bb7a.cloudfront.net (CloudFront)
cf-ray: 99c0a863784518d2-FRA
access-control-allow-origin: *
content-length: 4981094
x-amz-cf-pop: ARN56-P1
server: cloudflare

GET
H2 200 7248e69b-6500-4f82-a3ed-dfdfb4901f14.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 329ms
327ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/7248e69b-6500-4f82-a3ed-dfdfb4901f14.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: lqWaw6p5IQ3Hvz8zEYGtuMJFRl0Ehg0K
etag: "8be3c01049ac98da17ee6be3dd7c4e59"
age: 2470
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 8A5PEOUO7w9a2WDLwWQo47ug0T7juHOfrZ5uJjSEU2rjWpjR_N3gHA==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Thu, 06 Mar 2025 21:26:19 GMT
cache-control: public, max-age=14400
via: 1.1 0078c2805bf98a4574ea5eee972aa9f6.cloudfront.net (CloudFront)
cf-ray: 99c0a863784f18d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6185719
x-amz-cf-pop: ARN56-P1
server: cloudflare

GET
H2 200 438912b8-07e2-46cf-b3e2-376546e7edbd.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 429ms
426ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/438912b8-07e2-46cf-b3e2-376546e7edbd.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: REVALIDATED
x-amz-version-id: 0_JvwpoSKvw4t7ro6wR_GFs.5Picka18
etag: "78a06e7c3e8ebb7d333301274c2b3d2d"
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: eaE3RU4lSiGBLB39dUhvIlm1O20f5q_aPntN-mrRRpI-TOcg_cOjAw==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 26 Feb 2025 22:23:20 GMT
cache-control: public, max-age=14400
via: 1.1 7a6b4cd1254095c5b4b5ec2c3af1870a.cloudfront.net (CloudFront)
cf-ray: 99c0a863784a18d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3737692
x-amz-cf-pop: FRA60-P7
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/gwEYdb7NqtM/ Frame 61E5 85 KB
85 KB 104ms
74ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/gwEYdb7NqtM/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLDjObRS4qgFtusuSl6OylmJyJtBHQ

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

46ab40b562cd1fc7a83fe12daa33bceef61e526b56d9d602a19e65290d27a28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1740192403"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 87377
x-xss-protection: 0
server: sffe

GET
H2 200 65f64199-7a55-4fff-a7d4-2de310f58d28.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 389ms
386ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/65f64199-7a55-4fff-a7d4-2de310f58d28.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: REVALIDATED
x-amz-version-id: HbPbzm6Qg1fI4LiHdLU3aNiguf9mE2rT
etag: "a6cf198ac5ca6000eef74fe4dcc2e029"
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: ybjiUI8DeGRXy4j2nofq4flmDCtgxJ0bK_PQsQ7x8pgOOHjfusuKjg==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 20 Feb 2025 18:30:05 GMT
cache-control: public, max-age=14400
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
cf-ray: 99c0a863785018d2-FRA
access-control-allow-origin: *
content-length: 4366930
x-amz-cf-pop: OSL50-P1
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/ewFa5ep4-lQ/ Frame 61E5 33 KB
33 KB 75ms
45ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/ewFa5ep4-lQ/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLCUiTmaXSldg0zdzoW_wD9oRumhtA

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

0a8fdd5e32c8e28e0ed44560fa8102b865225b1bcc896151c20e8f8c74af3fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1739911536"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 33362
x-xss-protection: 0
server: sffe

GET
H2 200 fe42e6c9-c929-4e55-ad57-30b958dc4d1f.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 255ms
253ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/fe42e6c9-c929-4e55-ad57-30b958dc4d1f.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: U7O0M.beNvJzRj99HAsL70JwBoI9e50L
etag: "c4ab7518bc89fa0851e8cc34e6f40640"
age: 2469
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: UImM9YdGtPrrcpdQsto0f2m2BTmglXHhTFmEc-5d7oTPmCZFtFZIxw==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 15 Feb 2025 20:06:42 GMT
cache-control: public, max-age=14400
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-ray: 99c0a863785b18d2-FRA
access-control-allow-origin: *
content-length: 14709264
x-amz-cf-pop: FRA60-P7
server: cloudflare

GET
H2 200 8930c1b4-6dce-49cc-84cc-09e07244cec2.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 429ms
426ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/8930c1b4-6dce-49cc-84cc-09e07244cec2.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: REVALIDATED
x-amz-version-id: evanKgKh1FmjZsGgsHMF3krZb4TkRCLC
etag: "874d8efa2cf7487bd13fd0a5dbed5738"
age: 313
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: Qn5M64P1LV_YPTpqxesg6OiC9r3bGNBNsnRbo08pengQMPvi0_-6bw==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 15 Feb 2025 20:05:06 GMT
cache-control: public, max-age=14400
via: 1.1 e36fe0bdae95008c3ad3d675228af1aa.cloudfront.net (CloudFront)
cf-ray: 99c0a863785518d2-FRA
access-control-allow-origin: *
content-length: 16015256
x-amz-cf-pop: MXP64-P2
server: cloudflare

GET
H2 200 53b9cb46-2b8f-453f-b637-e5d7b57f13df.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
0 243ms
241ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/53b9cb46-2b8f-453f-b637-e5d7b57f13df.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: xv.S0CwDMCl_EMuzuLU3W8bknrwcPpiQ
etag: "0e78f3ed214311137e4723f8cf7b7c2b"
age: 2470
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: rAk_z3v7WZaCucYd6z9b88T0ydGJRvHIWXJxiMz3zvGoExIzKv7kMQ==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 15 Feb 2025 20:03:27 GMT
cache-control: public, max-age=14400
via: 1.1 670a338b13066689f35346a843426e26.cloudfront.net (CloudFront)
cf-ray: 99c0a863785818d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13559005
x-amz-cf-pop: HEL51-P6
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/aPn6E5r0YbY/ Frame 61E5 39 KB
39 KB 126ms
96ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/aPn6E5r0YbY/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLBq5NDJX19F1R_ujXIZlya47Gv0vw

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

ce8540381f18091f029dc3cecf532df272d8a514b496d7b07ee4cd30cad83fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1739325308"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 39993
x-xss-protection: 0
server: sffe

GET
H2 200 69925cc5-b5c7-4513-bdc9-f7ff51ee9a35.png
public.flourish.studio/uploads/2440962/ Frame 61E5 2 MB
2 MB 214ms
212ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/69925cc5-b5c7-4513-bdc9-f7ff51ee9a35.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eaba302c5939778c773699be49533773bb914e7ea0faf37c5e36aaa4a5a248c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: k9LAJWvCQKLbKZFCNtuqvVxQS32CcTQa
etag: "61d7be647abf252335013c5eb4089d99"
age: 2469
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: QFowXfG6vl_xDYBeEjhWWBBjMFmhws37bAAZl8R6hDYyshlfU8Z92A==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 07 Feb 2025 03:46:18 GMT
cache-control: public, max-age=14400
via: 1.1 62106b168ab54fb8472f59ef6c264a5c.cloudfront.net (CloudFront)
cf-ray: 99c0a863784c18d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2355096
x-amz-cf-pop: CPH50-P1
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/lftqS9c058M/ Frame 61E5 30 KB
30 KB 137ms
107ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/lftqS9c058M/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLCreiM3QY2DDVMF7HHjdSTgmMfqjw

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

d57c9988fd444e67c4513849870037d0dc6d7c44e8d214140ae8877932081860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1731974127"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 31013
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/URxnwVHIcUk/ Frame 61E5 37 KB
37 KB 253ms
224ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/URxnwVHIcUk/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLBCn_9hIgcaG5vKRZs1tRkIKnRToA

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

3a5cbd6426ff84a3a5f0276d79ebe0b514861cb352831aa33c3bf7615097619e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1734720066"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 38039
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/4ARG4OJtpMk/ Frame 61E5 37 KB
37 KB 177ms
148ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/4ARG4OJtpMk/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLAuwI9qV1b1CdkfCkbEUNvYnthNTA

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

57aa25fd52daf74e309468d488608cf631a786632c949c74a945e5a6e4dd0ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1734060111"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 38295
x-xss-protection: 0
server: sffe

GET
H2 200 oar2.jpg
i.ytimg.com/vi/Kc_mE0r0ZlA/ Frame 61E5 37 KB
37 KB 120ms
91ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/Kc_mE0r0ZlA/oar2.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLC6AD_1AUQoQ1qAHl4y5GIJKRvQ6Q

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

1455cbaf3450e8666bee40e6e662990425c0d25d23467452420e1f2f0ea3adc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1735841865"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 37472
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/OUZUBbVUx9E/ Frame 61E5 52 KB
52 KB 146ms
117ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/OUZUBbVUx9E/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLB-lEDHs54F41_VnqKqX1R8dyL7Wg

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

979c9ad8d1390d488535737c2ef027ef9b09f73fa82e174037c03ee7197381cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1737076190"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 53036
x-xss-protection: 0
server: sffe

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/gvhmBnc58Vw/ Frame 61E5 67 KB
67 KB 215ms
186ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/gvhmBnc58Vw/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLAIw-em4_Ansy4u_YOOEftR95xe1Q

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

b1e36127bb0d2a9520feb33a97a765d8a9e3ba766178ce3b6cae02aaac6ff540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1734564866"
age: 0
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Mon, 10 Nov 2025 00:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 68117
x-xss-protection: 0
server: sffe

GET
H2 200 5f897cef-079a-4599-8074-4de1e6dd2169.png
public.flourish.studio/uploads/2440962/ Frame 61E5 184 KB
185 KB 209ms
207ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/5f897cef-079a-4599-8074-4de1e6dd2169.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e58e1223a355ecc3c3b53e39bbfe8bae5462e46db81c59d08fe68e6560e20fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: AEIKiYWGXgWT.3eZyp9m2ySE8Y8lmaLS
etag: "320d9bda922d074c567eb814e341551f"
age: 2469
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: RtajrNRX3HXitf3sQvq6hnGVl2oVmasyMyk2-kyNd4ZJlbgjL9kDeg==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 29 Jan 2025 20:16:57 GMT
cache-control: public, max-age=14400
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
cf-ray: 99c0a863784e18d2-FRA
access-control-allow-origin: *
content-length: 188747
x-amz-cf-pop: OSL50-P1
server: cloudflare

GET
H2 200 oardefault.jpg
i.ytimg.com/vi/G4cxNJ8lzcU/ Frame 61E5 30 KB
31 KB 119ms
89ms Image
image/avif 142.250.186.182
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/G4cxNJ8lzcU/oardefault.jpg?sqp=-oaymwEoCJUDENAFSFqQAgHyq4qpAxcIARUAAIhC2AEB4gEKCBgQAhgGOAFAAQ==&rs=AOn4CLBxPY-jEPvkANGy0eyL2aY4jJdpIQ

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.182 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f22.1e100.net

Software

sffe /

Resource Hash

83aebe348242682d7444a70af32100a640bbd707197046ba5bda967f5b99773e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

etag: "1730350176"
age: 6472
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:25:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 20:25:38 GMT
content-type: image/avif
cache-control: public, max-age=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 31197
x-xss-protection: 0
server: sffe

GET
H2 200 3fd4b056-fdd6-4f4e-88d1-ec34cb997578.png
public.flourish.studio/uploads/2440962/ Frame 61E5 381 KB
382 KB 247ms
246ms Image
image/png 172.64.155.82
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://public.flourish.studio/uploads/2440962/3fd4b056-fdd6-4f4e-88d1-ec34cb997578.png
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.155.82 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31202265de5943547129442475ded42311f70ed4d654408be7b69dad8377b31c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://flo.uri.sh/

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
x-amz-version-id: sWgMRWICA4UY1n3pES7RxtAjGSlG5SgH
etag: "36c1a33cd5ccd5257150f20c54816816"
age: 2470
access-control-allow-methods: POST, GET, HEAD, PUT
expires: Mon, 10 Nov 2025 02:13:30 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 1lFTMBUdKZcyQDSpDghVp7WgbFuP_rwfAK1T9EsrsKzklJNyDlBRTw==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: image/png
content-disposition: attachment
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified: Wed, 29 Jan 2025 20:17:50 GMT
cache-control: public, max-age=14400
via: 1.1 6cfe3bbb6480c049c2a656d91758aa90.cloudfront.net (CloudFront)
cf-ray: 99c0a863784618d2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 390541
x-amz-cf-pop: FRA56-P13
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ Frame 8944 0
0 99ms
40ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-39CWM68PTE&gtm=45je5b50v9122458175za200zd9122458175&_p=1762726410596&gcs=G10-&gcd=13m3lPm2m5l1&npa=1&dma_cps=-&dma=1&tcfd=14n4b&cid=1668766368.1762726411&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=denied&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115583767~115616985~115938466~115938469~116217636~116217638&dp=%2Fwidget%2FLongBeachPress%2F11272%2FUpcoming%20Events%2F2a6528a6529a6564a6579a%2F&sid=1762726410&sct=1&seg=0&dl=https%3A%2F%2Fpreprod.presstelegram.com%2F&dr=https%3A%2F%2Fpreprod.presstelegram.com%2F&dt=WidgetTemplate&_tu=QA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_hostname=p.cityspark.com&tfd=294
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39CWM68PTE&l=cswDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to: {"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://preprod.presstelegram.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:106:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 compass-multimedia-sdk.js Show response
sdk.mrf.io/statics/ 11 KB
4 KB 97ms
97ms Script
application/javascript 104.19.220.32
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=2171
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.220.32 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a50a8585ed1293bb8231beb0b375733179949e6693ffbee4befa3bc646c4a770

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://preprod.presstelegram.com/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"9fccffa7dbce96b2ccef8bb5f22cbf58"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: tAepP3oPxuJRjUtCzI78k22tovrVicTCrcm0EsTQZqbkgKA7ca8wCQ==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Fri, 07 Nov 2025 10:46:11 GMT
vary: accept-encoding
priority: u=1,i=?0
x-served-by: haproxy06.cl13.ovh.mrf.io
server-timing: cfExtPri
cache-control: max-age=3600
timing-allow-origin: *
x-envoy-upstream-service-time: 15
via: 1.1 1e9d4474768cac13d02c7902d1cf85de.cloudfront.net (CloudFront)
cf-ray: 99c0a8643f279763-FRA
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 style
accounts.google.com/gsi/ 696 B
666 B 70ms
69ms Stylesheet
text/css 108.177.15.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f84.1e100.net

Software

ESF /

Resource Hash

d49e8f04be7ccbb69e87ae474ee50f6903b780451989e66d35ffc247a80510fe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-46YyWjRaETgBZOZGtuFWxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-46YyWjRaETgBZOZGtuFWxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:13:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Sun, 09 Nov 2025 22:13:30 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 web-identity
google.com/.well-known/ 0
131 B FedCM
application/json 142.250.185.196
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://google.com/.well-known/web-identity

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

sffe /

Resource Hash

449a05234c179f92cedda0b99b2f16d311214393fcae0313dcd39f228d7c624f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json

Response headers

accept-ranges: bytes
age: 51165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 107
content-type: application/json
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
date: Sun, 09 Nov 2025 08:00:46 GMT
expires: Mon, 10 Nov 2025 08:00:46 GMT
last-modified: Thu, 06 Jun 2024 18:30:00 GMT
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fedcm.json
accounts.google.com/gsi/ 0
1 KB FedCM
application/json 108.177.15.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/fedcm.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f84.1e100.net

Software

ESF /

Resource Hash

3ceb3d73867b1e6b7afd0ab69e54fc13efa43802621d11d59582e04f477012ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZlGI_LUvQtlWyoaOCJT8lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZlGI_LUvQtlWyoaOCJT8lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: application/json; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Sun, 09 Nov 2025 22:13:31 GMT
expires: Sun, 09 Nov 2025 22:13:31 GMT
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 / Show response
cat1.hbwrapper.com/ 15 B
202 B 338ms
96ms Fetch
application/json 134.122.30.244
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cat1.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.empowerlocal_c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.122.30.244 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture1.analytics.hbwrapper
Software: nginx /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://preprod.presstelegram.com/

Response headers

access-control-allow-origin: https://preprod.presstelegram.com
content-length: 15
date: Sun, 09 Nov 2025 22:13:31 GMT
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-credentials: true

GET
H3

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@5.1.0/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@5.1.0/dist/web-vitals.iife.js

6 KB
3 KB

54ms
54ms

Script
text/javascript

104.18.1.22
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://unpkg.com/web-vitals@5.1.0/dist/web-vitals.iife.js

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Server

104.18.1.22 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8890ec954757ea8e4801f49958afb76e2b8837c47fec5b16598fc20cbd49c220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
age: 27671
access-control-allow-methods: GET, HEAD, OPTIONS
x-content-type-options: nosniff
expires: Mon, 09 Nov 2026 22:13:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 28 Oct 2025 22:27:07 GMT
vary: Accept-Encoding
fly-request-id: 01K8PEX89FM4KNB79HXENTJ32K-fra
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
priority: u=3,i=?0
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 fly.io, 1.1 fly.io
cf-ray: 99c0a8657b525d88-FRA
content-digest: sha256=:iJDslUdX6o5IAfSZWK+3biuIN8R/7FsWWY/CDL1JwiA=:
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=60, s-maxage=300
location: /web-vitals@5.1.0/dist/web-vitals.iife.js
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-ray: 99c0a864fb0a5d88-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 56
server-timing: cfExtPri
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H2 200 / Show response
cat1.hbwrapper.com/ 15 B
201 B 413ms
178ms Fetch
application/json 134.122.30.244
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cat1.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.empowerlocal_c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 134.122.30.244 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture1.analytics.hbwrapper
Software: nginx /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://preprod.presstelegram.com/

Response headers

access-control-allow-origin: https://preprod.presstelegram.com
content-length: 15
date: Sun, 09 Nov 2025 22:13:31 GMT
etag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-credentials: true

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 302 B
443 B 103ms
38ms Fetch
text/plain 104.16.132.229
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.empowerlocal_c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad50315ed77c0fe6115a0e94ffcb22b55320dad23958cac968bf55cf4d66db02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: no-cache
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 99c0a8653b383554-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: *
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: text/plain
server: cloudflare
x-frame-options: DENY

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 26ms
26ms Fetch
application/json 151.101.129.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.empowerlocal_c.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c6edfb7305332d09b0d4dc3dce7d5566bc16e09539991f3dad93d037e0d9d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://preprod.presstelegram.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"64c-pDpcaDKEeIWKXnHOZZG8O/QZBz0"
age: 22377
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230070-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 856
x-jsd-version: 1.0.2604

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 cookiesEnabled.html Show response
hbwrapper.nyc3.cdn.digitaloceanspaces.com/ Frame 4C98 1 KB
1 KB 79ms
28ms Document
text/html 172.64.145.29
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://hbwrapper.nyc3.cdn.digitaloceanspaces.com/cookiesEnabled.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.145.29 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2733125bb1f449b914af1d32ebde845b3c50a51c019a496800cdf87a59c03868

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://preprod.presstelegram.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age: 1628
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 99c0a8657b708cb6-FRA
content-encoding: gzip
content-type: text/html
date: Sun, 09 Nov 2025 22:13:31 GMT
last-modified: Mon, 17 Mar 2025 15:18:39 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx0000052e20efc2304a474-00686cff52-5db299cd-nyc3d
x-do-cdn-uuid: 4f88fc75-8537-45d2-a076-6d81ad99152b
x-rgw-object-type: Normal

GET
H3 200 e8cc87bc9524beab8d23.js Show response
sdk.mrf.io/statics/ 87 KB
20 KB 64ms
64ms Script
application/javascript 104.19.220.32
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://sdk.mrf.io/statics/e8cc87bc9524beab8d23.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.220.32 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 576fc25c3f65834484ca14dd12a798d7a399f771282954735f7c6f6d62356880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://preprod.presstelegram.com
Referer: https://preprod.presstelegram.com/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"6e09b4457fef8a49a4cf85a476345b11"
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: jpi23zzuXdoARMnPEbcB96k8DA-OpR783l2ZQuTlV6XI7qhIaVALCg==
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: application/javascript;charset=UTF-8
last-modified: Fri, 07 Nov 2025 10:46:11 GMT
vary: accept-encoding
priority: u=1,i=?0
x-served-by: haproxy05.cl13.ovh.mrf.io
server-timing: cfExtPri
cache-control: max-age=3600
timing-allow-origin: *
x-envoy-upstream-service-time: 44
via: 1.1 695eb63e742ec6b6e245772eb313e746.cloudfront.net (CloudFront)
cf-ray: 99c0a86538069763-FRA
access-control-allow-origin: *
x-amz-cf-pop: LHR61-C1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 animate.min.css
cdn.listrakbi.com/css/ 5 KB
1 KB 54ms
54ms Stylesheet
text/css 172.64.146.207
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.146.207 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6fbb9443e84bd35aa66f00eec528d0e9"
cf-ray: 99c0a8654dbb3aa4-FRA
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare

GET
H2 200 listaccounts
accounts.google.com/gsi/fedcm/ 0
886 B FedCM
application/json 108.177.15.84
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://accounts.google.com/gsi/fedcm/listaccounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f84.1e100.net

Software

ESF /

Resource Hash

f80c7a28c7780081af8b273543b91fc9a1f29fbe2891e5f67218e4952bd2154a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f9Mll4qj9KvCwp_j2y--7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f9Mll4qj9KvCwp_j2y--7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: application/json; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Sun, 09 Nov 2025 22:13:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 b-b94ff10-2731e1ae.js Show response
tagan.adlightning.com/mng-trib/ 72 KB
28 KB 26ms
25ms Script
application/javascript 65.8.131.100
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tagan.adlightning.com/mng-trib/b-b94ff10-2731e1ae.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.131.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-131-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba08a5b97e9b4cc87166f30bb8892cac73f80fcfcda8eec215f5b86162ee2ff8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
etag: "5440e4750239066197feaeba665e156e"
x-amz-version-id: NYKDhk2gyfDh352ctS.bwo3DEkEhnkOr
age: 13760888
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 3L2kvYD_4BnYu-uWA-0tjyVoezu7OiZx3WbP-603OrTirR6jneVd6A==
date: Tue, 03 Jun 2025 15:45:24 GMT
content-type: application/javascript
last-modified: Thu, 10 Apr 2025 19:12:02 GMT
cache-control: max-age=31536000
via: 1.1 62adf6efa9de9ec639541ac293f53aa0.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 28040
x-amz-meta-git_commit: b94ff10
x-amz-cf-pop: FRA60-P13
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bl-0490b65-0adfb9ba.js Show response
tagan.adlightning.com/mng-trib/ 82 KB
36 KB 44ms
43ms Script
application/javascript 65.8.131.100
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tagan.adlightning.com/mng-trib/bl-0490b65-0adfb9ba.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.131.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-131-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc84a7bc265732fe67533e51027bf16328fd754d23b1607a4224036ac4f093e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
etag: "39e3c28636a0cf83a770b30411cbd8f4"
x-amz-version-id: y5UKhCjpyGE_K2JWbGs0CuHJPvHg9.IW
age: 5433
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: XJLqq3NGoxVDGpyn2IonYMmavh0cpr8cJJnYR8YkpUg_P-VigeNqYw==
date: Sun, 09 Nov 2025 20:42:59 GMT
content-type: application/javascript
last-modified: Sun, 09 Nov 2025 20:32:11 GMT
cache-control: max-age=31536000
via: 1.1 62adf6efa9de9ec639541ac293f53aa0.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 36074
x-amz-meta-git_commit: 0490b65
x-amz-cf-pop: FRA60-P13
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/ 600 KB
189 KB 23ms
22ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ea47742e94e6a95b08832e9e5875a5a73ab2ea3bc740e6938d927c39e03273bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: br
etag: 14735669544948044405
age: 37428
x-content-type-options: nosniff
expires: Mon, 09 Nov 2026 11:49:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 09 Nov 2025 11:49:43 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 193950
x-xss-protection: 0
server: cafe

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 45ms
45ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7KQJL1F9N1&gtm=45je5b50v9200381182z871194413za200zb71194413zd71194413&_p=1762726410044&gcs=G10-&gcd=13m3l3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=14n4b&cid=56804688.1762726411&ecid=1964528213&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480710~115583767~115616985~115938466~115938469~116217636~116217638~116254640&sid=1762726411&sct=1&seg=0&dl=https%3A%2F%2Fpreprod.presstelegram.com%2F&dt=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&en=page_view&_fv=1&_nsi=1&_ss=1&ep.ReturnURL=Not%20Set&ep.Slug_Referral=Not%20Set&ep.MG2_Checkout_Referrer=&ep.User_Agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F142.0.0.0%20Safari%2F537.36&ep.pw_CampaignID=Not%20Set&ep.NoBlocker=true&ep.Keywords=Local%20news%2C%20breaking%20news%2C%20sports%2C%20things%20to%20do%2C%20entertainment%2C%20Long%20Beach%20news&ep.Quantcast_Label=LANewsGroup&ep.Quantcast=p-4ctCQwtnNBNs2&ep.Page_Title=Home&ep.URL=https%3A%2F%2Fpreprod.presstelegram.com%2F&ep.Content_Title=Home&ep.Publisher_State=SCNG&ep.Page_Type=home&ep.Canonical_URL=https%3A%2F%2Fpreprod.presstelegram.com%2F&ep.Taxonomy5=&ep.Taxonomy4=&ep.Taxonomy3=&ep.Section=Home&ep.Platform=Web%20CMS&ep.Digital_Publisher=&ep.Release_Version=6.8.3&ep.kv=home&ep.Mobile_Presentation=no&ep.Auth0State=unknown&ep.Publisher_Product=presstelegram.com&ep.Publisher_Domain=presstelegram.com&ep.Taxonomy1=&ep.Taxonomy2=&ep.logged_in_status=no&ep.cluster=MNG%20SCNG&ep.Environment_Bucket=Staging&tfd=1938
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7KQJL1F9N1&cx=c&gtm=4e5b50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to: {"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://preprod.presstelegram.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:106:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 329ms
307ms XHR
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods: GET
x-cache: RefreshHit from cloudfront
x-amz-cf-id: pmFZurepwyTQz-vlYE2wmyU_cRbDD5g9HzAT-LvutSvpqSMtQdGqiw==
date: Sun, 09 Nov 2025 22:13:32 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202510140101/ 63 KB
23 KB 19ms
19ms Other
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202510140101/gpt

Requested by

Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 13283420341987886150
age: 51489
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 07:55:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 09 Nov 2025 07:55:22 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23314
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202510140101"

OPTIONS
H2 200 bid
aax.amazon-adsystem.com/e/dtb/ Frame 0
0 157ms
72ms Preflight 52.84.221.63
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.221.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-221-63.fra56.r.cloudfront.net
Software: Server /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://preprod.presstelegram.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods: POST
access-control-allow-origin: https://preprod.presstelegram.com
access-control-max-age: 1800
content-encoding: gzip
content-length: 0
date: Sun, 09 Nov 2025 22:13:31 GMT
server: Server
via: 1.1 332c8b686017192eedcbc407d81ebe28.cloudfront.net (CloudFront)
x-amz-cf-id: 8AduH3-0o3m2ehTI3dMYezAswxXLNpQcmxL3VjXnfRswkf3adt5EMw==
x-amz-cf-pop: FRA56-P14
x-cache: Miss from cloudfront

GET
H2 200 3391 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
798 B 88ms
57ms Script
application/javascript 18.245.46.61
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3391
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-61.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 69c301ab22fbe3e5bcdd2f4aaec6147bc5031fe95cf9815dd965e5a99fa741ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age=3600
age: 2909
via: 1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 531
x-amz-cf-id: 4Ah9zukd_24Vb8OtIIl0hDWoLwz9erwwYIj-7B82nyta3PxUqQWAMw==
date: Sun, 09 Nov 2025 21:25:02 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P9
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 109ms
109ms XHR
application/json 108.138.3.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3391&u=https%3A%2F%2Fpreprod.presstelegram.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 19bd1fe655fb5a1216911224eb7d61d152fa6775f20b0fdcd777f79270537c70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
access-control-allow-origin: https://preprod.presstelegram.com
x-cache: Miss from cloudfront
content-length: 2211
x-amz-cf-id: mqmreuyLOvgTKVaGL6xptWfrQmINvBe81BtonURgrEjxu24hW9oUbg==
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: FRA56-P6
server: Server

POST
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 66 B
437 B 78ms
55ms Fetch
application/json 52.84.221.63
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.221.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-221-63.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 854c59da152f6eee070e91bfcae8848f37d50546b827990c541e097d1b28a3e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 fe5f2d46fff25f2d03917e482fe3f670.cloudfront.net (CloudFront)
access-control-allow-origin: https://preprod.presstelegram.com
x-cache: Miss from cloudfront
content-length: 83
x-amz-cf-id: AuLiE2kfyQYs1IxGQIXBT75JJNShlAQQapByEgbetXTfSh4ZFSjPRg==
date: Sun, 09 Nov 2025 22:13:30 GMT
content-type: application/json;charset=UTF-8
vary: Origin
server: Server
x-amz-cf-pop: FRA56-P14

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 333ms
121ms Image
image/png 16.182.66.33
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=681562e745e2
Requested by: Host: preprod.presstelegram.com
URL: https://preprod.presstelegram.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.66.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

Cache-Control: no-store
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
x-amz-request-id: J7K8BNRYBNZVK3FH
Accept-Ranges: bytes
Content-Length: 68
Date: Sun, 09 Nov 2025 22:13:33 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: O1nSTcCNsEAyWTQBgIwYxIrs57Xcq8ojby/P/P4X2IIv7Rs7a/spB6WPiN45AlAKepqkfNtkcRM=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 112 KB
32 KB 42ms
20ms Script
text/javascript 104.20.23.13
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.23.13 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d17e84af7ba998526041e90409fec0d80e0bf436fecd99cd94ea4124f1047141

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

x-amz-id-2: dONeskVkuJ2Q6/R/y2gXoJ8JJrgzWI9DfqLZPO90kQL55i+pS3pY2SKrvWaNLdzRH+kZMhPh1WXhxVgVB2VaTJf/ZVPMzGt8+OMcN3lEMfo=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"9d3ef6e0b1008a729462806417366a8e"
age: 2430
x-amz-request-id: M8Z0BVZ35M7FQ6JR
cf-ray: 99c0a86a0bd5bb41-FRA
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: text/javascript;charset=utf-8
last-modified: Tue, 04 Nov 2025 08:00:55 GMT
vary: accept-encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET 9a2d1d8c-0377-4099-8cbb-995fdc5deadc
https://preprod.presstelegram.com/ 0
0

GET
H2 200 id5-api-js Show response
api.id5-sync.com/analytics/1542/ 1 KB
691 B 88ms
55ms Fetch
application/json 162.19.138.117
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://api.id5-sync.com/analytics/1542/id5-api-js

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

46054babe8f5c7b6c5ee9a553138a70d1eda3b4e73a2362bd9776aac1406c5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=300
access-control-expose-headers: Access-Control-Allow-Origin
content-encoding: gzip
access-control-allow-origin: *
date: Sun, 09 Nov 2025 22:13:31 GMT
content-type: application/json
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 56ms
40ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://preprod.presstelegram.com/

Response headers

GET
H3 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 545 B
776 B 244ms
213ms XHR
application/json 104.26.4.15
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1762726413965
Requested by: Host: fp.presstelegram.com
URL: https://fp.presstelegram.com/prod/dfm/fp.min.js?2025109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.15 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d760d0ab0d0ae3e940a6861a1127e98edb2cef410deb337d39f210e02cb416cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

x-accel-buffering: yes
cf-cache-status: MISS
content-encoding: br
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zwmYajx3DnLYUoEBUVViPPYm%2FpMQ5eX2rlZaTP0Df7isl%2B9Lm1otRvQ77hcb8P%2FVJO3VIlPc3%2FmKjBpjeRxKnTHBdbQe7R9PKb%2Fdu3liqr0%3D"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 09 Nov 2025 22:13:34 GMT
content-type: application/json
last-modified: Sun, 09 Nov 2025 22:13:34 GMT
vary: accept-encoding
priority: u=1,i
cache-control: max-age=1800
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 99c0a87779e3a064-FRA
access-control-allow-origin: *
server: cloudflare

GET 0a4d81eb-daf9-4b0c-8b0b-a32d348c027a
https://preprod.presstelegram.com/ 0
0

GET
H2 200 long-beach-press-telegram-icon.png
preprod.presstelegram.com/wp-content/uploads/2017/08/ 1 KB
2 KB 22ms
22ms Other
image/webp 192.0.66.184
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://preprod.presstelegram.com/wp-content/uploads/2017/08/long-beach-press-telegram-icon.png?w=32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06464df131f4b5d563b4536253895e981f671faa004d5f49b350a1fd78057455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

strict-transport-security: max-age=31536000;includeSubdomains
cache-control: max-age=31536000
x-rq: hhn2
etag: "0134742600b45875"
x-bytes-saved: 459
access-control-allow-methods: GET, HEAD
accept-ranges: bytes, bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 1480
date: Sun, 09 Nov 2025 22:13:34 GMT
content-type: image/webp
vary: Accept
server: nginx
last-modified: Tue, 28 Oct 2025 04:59:06 GMT

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
3 KB 78ms
17ms Script
text/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

x-azure-ref: 20251109T221334Z-16f77b7fcffbfz4shC1FRAhdc80000000b2g0000000035k7
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 524f7354-301e-0067-1f44-4fe742000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sun, 09 Nov 2025 22:13:34 GMT
x-ms-blob-type: BlockBlob
content-type: text/javascript
vary: Accept-Encoding
last-modified: Fri, 17 Jun 2022 17:08:13 GMT

GET
H2 200 DFM__SOPHISCNG__LBPT.json Show response
engage.presstelegram.com/prod/data/dfm/ 1 MB
52 KB 445ms
445ms Fetch
application/json 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://engage.presstelegram.com/prod/data/dfm/DFM__SOPHISCNG__LBPT.json?_=1762726414317
Requested by: Host: engage.presstelegram.com
URL: https://engage.presstelegram.com/prod/dfm/t8y9347t.min.js?2025109
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 43b0c5e6b5a210e2320848562b23baae6292af7a5fc850f2bf431a7ce6d5b5fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

x-ms-blob-committed-block-count: 1
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DE17FB0187C501
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 0
x-cache: TCP_MISS
date: Sun, 09 Nov 2025 22:13:34 GMT
content-type: application/json
last-modified: Thu, 30 Oct 2025 21:26:36 GMT
cache-control: no-cache
x-ms-request-id: 80ae9a23-e01e-004b-40c6-510bed000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 52116
x-azure-ref: 20251109T221334Z-16f77b7fcfft69bshC1FRArkyc0000000bcg00000000arrd
x-ms-blob-type: AppendBlob

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 354ms
137ms Image
image/jpeg 52.216.248.220
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.248.220 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

x-amz-meta-s3b-last-modified: 20191015T134358Z
ETag: "ef2cc7f55b7ab677b023e36033e26471"
x-amz-request-id: YGYR3BR4FAR0D69C
Accept-Ranges: bytes
Content-Length: 631
Date: Sun, 09 Nov 2025 22:13:35 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: 00QF/SiZzRrXOCmyURM2a+rCOPubrJFHWfWcpHV3Jqspuc6MWNfvF7FQs23ccyjTnLi4E3cG/aE=

GET 6208a60e-e037-4d6e-88e8-dd99f6991d16
https://preprod.presstelegram.com/ 0
0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 499 KB
154 KB 36ms
36ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8a69c0b54ae32fcbe2f3793ab7d3d2b922c50c21185c53d6834550ca9cc0b93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: zstd
expires: Sun, 09 Nov 2025 22:13:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 09 Nov 2025 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 157796
x-xss-protection: 0
server: Google Tag Manager

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 290ms
76ms Preflight 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://preprod.presstelegram.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy,Content-Encoding
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Sun, 09 Nov 2025 22:13:34 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 223 B
327 B 24ms
22ms XHR
application/json 20.50.88.233
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.233 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

905b458ddb904b24d4ebc02c8c04b183c29558c3da3c2f99a1b9bb96661e3511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://preprod.presstelegram.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Sun, 09 Nov 2025 22:13:34 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

HEAD
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 0
24 B 29ms
29ms XHR
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: br
etag: 13489471581207616830
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:13:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 09 Nov 2025 22:13:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 55178
x-xss-protection: 0
server: cafe

HEAD
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 0
24 B 25ms
25ms XHR
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://preprod.presstelegram.com/

Response headers

content-encoding: br
etag: 4828242150070929293
x-content-type-options: nosniff
expires: Sun, 09 Nov 2025 22:13:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 09 Nov 2025 22:13:35 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 55179
x-xss-protection: 0
server: cafe

GET views
prod-dfm-proxy-connext.azurewebsites.net/api/ 0
0

OPTIONS views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 165 B
546 B 145ms
61ms Fetch
application/json 162.19.102.237

General

Check archive.org

Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=5546
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.19.102.237 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: 459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://preprod.presstelegram.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: br
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://preprod.presstelegram.com
content-length: 108
date: Sun, 09 Nov 2025 22:13:36 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 16ms
14ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7KQJL1F9N1&gtm=45je5b50v9200381182z871194413za200zb71194413zd71194413&_p=1762726410044&gcs=G10-&gcd=13m3l3m2m5l1&npa=1&dma_cps=-&dma=1&tcfd=14n4b&cid=56804688.1762726411&ecid=1964528213&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAAAAAQ&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480710~115583767~115616985~115938466~115938469~116217636~116217638~116254640&sid=1762726411&sct=1&seg=0&dl=https%3A%2F%2Fpreprod.presstelegram.com%2F&dt=Long%20Beach%20Press-Telegram%3A%20Local%20News%2C%20Sports%2C%20Things%20to%20Do&_s=2&tfd=6945
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7KQJL1F9N1&cx=c&gtm=4e5b50
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://preprod.presstelegram.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to: {"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://preprod.presstelegram.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:106:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 09 Nov 2025 22:13:36 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: preprod.presstelegram.com
URL: blob:https://preprod.presstelegram.com/5b6c5b0d-33bf-4e1b-b7ab-dac5debf3aea

Domain: preprod.presstelegram.com
URL: blob:https://preprod.presstelegram.com/08cbe34d-009f-455c-b029-f39e5f45ae71

Domain: digitalfirstmedia.blueconic.net
URL: https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/1099?referer=https%3A%2F%2Fpreprod.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-11-09T23%3A13%3A30%2B01%3A00&ts=1762726410004

Domain: digitalfirstmedia.blueconic.net
URL: https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/1099?referer=https%3A%2F%2Fpreprod.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-11-09T23%3A13%3A30%2B01%3A00&ts=1762726410052

Domain: preprod.presstelegram.com
URL: blob:https://preprod.presstelegram.com/080f7c6a-4b0c-4153-9be4-8b6f11944d54

Domain: preprod.presstelegram.com
URL: blob:https://preprod.presstelegram.com/3487f9e6-3a27-4d5e-8bce-f6ee1e8a702a

Domain: preprod.presstelegram.com
URL: blob:https://preprod.presstelegram.com/85b8d0c3-eba6-40a5-a127-9eb084b59daa

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: preprod.presstelegram.com
URL: blob:https://preprod.presstelegram.com/9a2d1d8c-0377-4099-8cbb-995fdc5deadc

Domain: preprod.presstelegram.com
URL: blob:https://preprod.presstelegram.com/0a4d81eb-daf9-4b0c-8b0b-a32d348c027a

Domain: preprod.presstelegram.com
URL: blob:https://preprod.presstelegram.com/6208a60e-e037-4d6e-88e8-dd99f6991d16

Domain: prod-dfm-proxy-connext.azurewebsites.net
URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=7279b1609a8e300cc83a3d14d53ce084&ConfigCode=SOPHISCNG&SiteCode=DFM&SettingsKey=LANG%2CLBPT

Domain: prod-dfm-proxy-connext.azurewebsites.net
URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=7279b1609a8e300cc83a3d14d53ce084&ConfigCode=SOPHISCNG&SiteCode=DFM&SettingsKey=LANG%2CLBPT

Verdicts & Comments Add Verdict or Comment

206 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.presstelegram.com/	1970-01-21 18:24:22	Name: bc_tstgrp Value: 3
.presstelegram.com/	1970-01-21 09:38:48	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://preprod.presstelegram.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1762726410114%2C%22slts%22:0}
.presstelegram.com/	1970-01-21 19:08:10	Name: _parsely_visitor Value: {%22id%22:%22pid=8a3b7f50-725b-4e0a-b5e2-0c77ed0534ba%22%2C%22session_count%22:1%2C%22last_session_ts%22:1762726410114}
.preprod.presstelegram.com/	1970-01-21 19:14:46	Name: _ml_id Value: e9e92bf1-371e-48c5-bd6c-34395df0e2f3.1825798410.1.1825798410.1825798410
.preprod.presstelegram.com/	1970-01-21 09:38:48	Name: _ml_ses Value: *
.preprod.presstelegram.com/	1970-01-21 13:59:21	Name: _matheriSegs Value: MATHER_AB_TEST1-V
digitalfirstmedia.blueconic.net/	1970-01-21 09:48:51	Name: AWSALBCORS Value: Cmoqo5HiWqwPGSikJ7VfJBKhFmqV17mWOHiqpZnaw9JgUI3d9cxyppQlPKWtgh17StxgWDxjA80bAn9/XplJW2+qWU6AUGPvfCODW0uGlmmaKMFk4wyKaNNxKW5c
preprod.presstelegram.com/	1970-01-21 19:14:46	Name: csparkW_ga_39CWM68PTE Value: GS2.1.s1762726410$o1$g0$t1762726410$j60$l0$h0
preprod.presstelegram.com/	1970-01-21 19:14:46	Name: csparkW_ga Value: GA1.1.1668766368.1762726411
preprod.presstelegram.com/	1970-01-21 13:57:58	Name: g_state Value: {"i_l":0,"i_ll":1762726410950,"i_b":"7pZ5woBI6gSq7pc/MTb1mLH6Hh92gdTEt/qHtaDVFng"}
preprod.presstelegram.com/	1970-01-21 09:38:50	Name: _lr_retry_request Value: true
preprod.presstelegram.com/	1970-01-21 10:21:58	Name: _lr_env_src_ats Value: false
.presstelegram.com/	1970-01-21 13:57:58	Name: _pn Value: eyJzdWIiOnsidWRyIjowLCJzcyI6MH0sImx1YSI6MTc2MjcyNjQxMTA2OX0
.presstelegram.com/	1970-01-21 19:14:46	Name: _ga Value: GA1.1.56804688.1762726411
.presstelegram.com/	1970-01-21 18:24:22	Name: anonDeviceId Value: 7279b1609a8e300cc83a3d14d53ce084
.preprod.presstelegram.com/	1970-01-21 18:24:22	Name: nxt_last_visit Value: 1762726414312
.presstelegram.com/	1970-01-21 19:14:46	Name: _ga_7KQJL1F9N1 Value: GS2.1.s1762726411$o1$g0$t1762726415$j56$l0$h1964528213

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://preprod.presstelegram.com/ Message: Access to XMLHttpRequest at 'https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/1099?referer=https%3A%2F%2Fpreprod.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-11-09T23%3A13%3A30%2B01%3A00&ts=1762726410004' from origin 'https://preprod.presstelegram.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/1099?referer=https%3A%2F%2Fpreprod.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-11-09T23%3A13%3A30%2B01%3A00&ts=1762726410004 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://preprod.presstelegram.com/ Message: Access to XMLHttpRequest at 'https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/1099?referer=https%3A%2F%2Fpreprod.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-11-09T23%3A13%3A30%2B01%3A00&ts=1762726410052' from origin 'https://preprod.presstelegram.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digitalfirstmedia.blueconic.net/DG/DEFAULT/rest/rpc/1099?referer=https%3A%2F%2Fpreprod.presstelegram.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2025-11-09T23%3A13%3A30%2B01%3A00&ts=1762726410052 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://preprod.presstelegram.com/ Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://preprod.presstelegram.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
other	error	URL: https://preprod.presstelegram.com/ Message: Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
accounts.google.com
ajax.googleapis.com
ams-pageview-public.s3.amazonaws.com
api-mg2.db-ip.com
api.id5-sync.com
api.rlcdn.com
az416426.vo.msecnd.net
c.amazon-adsystem.com
cat1.hbwrapper.com
cd.connatix.com
cdn-p.cityspark.com
cdn.adapex.io
cdn.auth0.com
cdn.cityspark.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.listrakbi.com
cdn.p-n.io
cdn.parsely.com
cdn.pranmcpkx.com
cdn.sophi.io
cdn59755463.blazingcdn.net
cds.connatix.com
cloudflare.com
cmp.osano.com
config.aps.amazon-adsystem.com
dc.services.visualstudio.com
digitalfirstmedia.blueconic.net
engage.presstelegram.com
events.newsroom.bi
flo.uri.sh
fonts.googleapis.com
fonts.gstatic.com
fp.presstelegram.com
g2i.presstelegram.com
hbwrapper.nyc3.cdn.digitaloceanspaces.com
htlbid.com
i.ytimg.com
loader-config.presstelegram.com
m869.presstelegram.com
marfeelexperimentsexperienceengine.mrf.io
p1.parsely.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pixel.wp.com
preprod.presstelegram.com
prod-dfm-proxy-connext.azurewebsites.net
public.flourish.studio
region1.google-analytics.com
sb.scorecardresearch.com
sdk.mrf.io
securepubads.g.doubleclick.net
session.presstelegram.com
stats.wp.com
tagan.adlightning.com
unpkg.com
www.google.com
www.googletagmanager.com
api.rlcdn.com
digitalfirstmedia.blueconic.net
preprod.presstelegram.com
prod-dfm-proxy-connext.azurewebsites.net
104.16.132.229
104.18.1.22
104.18.41.104
104.18.43.42
104.19.220.32
104.20.23.13
104.26.4.15
108.138.3.93
108.139.243.57
108.177.15.84
13.107.213.45
13.107.246.45
13.33.223.41
134.122.30.244
142.250.184.194
142.250.184.200
142.250.185.106
142.250.185.196
142.250.185.234
142.250.186.130
142.250.186.182
151.101.129.229
16.182.66.33
162.19.102.237
162.19.138.117
172.64.145.29
172.64.146.207
172.64.155.82
18.245.31.112
18.245.31.35
18.245.46.61
18.66.147.118
188.114.96.3
188.240.13.1
188.240.13.2
192.0.66.184
192.0.66.2
192.0.76.3
20.50.88.233
216.239.34.36
216.58.206.35
52.216.248.220
52.222.136.25
52.84.221.63
52.89.186.140
54.155.18.159
54.192.35.109
65.8.131.100
65.9.175.113
91.134.60.137
021420b2ee7be1424fd323c65ed537c8116d164c8bea879d905ff1220a4c23b0
034d24d2cfb13338a7fb5aecff72baf6ad30132a033f82e16aa899ee4028a1c9
061160fbe245fa724d8d902c3f6cb7ddfe6636d9bca59debfe3cfe1c6d60d682
061e22397b9fb506de1fb3d9f78e5693f9c84de8b43b55d5bf3ae7eacd8c7831
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7
06464df131f4b5d563b4536253895e981f671faa004d5f49b350a1fd78057455
06b675a649489d21b7fd33f19b1c6d37e8bd778ded07ecfec26bbc8f11e694f4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b474332c902441bb5645eb5edaa038a67f21fd5e28738d99930784bc9e68a2
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0a4627883a5b19b5f81e4c048a6a2009dfdc1382e1445174974cafbe2a1d3c59
0a8fdd5e32c8e28e0ed44560fa8102b865225b1bcc896151c20e8f8c74af3fde
0aa42ccc6a173286bc7101886231b163807f9a00ae8fce0f5c1de562430f64a5
0b357c672439c3e78219841a76e65270b193bb7dbdfb06955941562d71e642d8
0c68a175d033ffefaac61551455eb8d56d0f9756c8fe19f80beb48a695fdec85
0dcefa0b117fa5dc44eefa92d2bf221f3455b29354cc940f144bb268100fc116
11405219d4697495f7a90da69545692eeeb7064044be5cec7b23c737250bfb9d
1212f923fdc00c65dc824310596698c9db8fad050bccd15892bcbaa02ffc26ff
12ae8f475b55804a817ce84f674be39f365baa0f2970051d31caba9228cd0a32
13ec9e71cd5cb9f61eafb49f6ba899334c97a846ae0d892e83d0fd3009c28bae
1455cbaf3450e8666bee40e6e662990425c0d25d23467452420e1f2f0ea3adc1
1642bed6e0dcc566ba5c27bef15225bee455d146350b9a5a7bff2e4bb525c3fa
18ffc75ba1d0ba2b0601063e80bef558ffe81ca439a01284fb19e10baf572dc9
19bd1fe655fb5a1216911224eb7d61d152fa6775f20b0fdcd777f79270537c70
1af8041dd5747424115a0cb84849fa9cf2ea8dbd1f78f91db840952221be78ff
21c5a20ddfca46a1ee9708a9b57ee32631dea0d583ee4deeac7fca24b5e0d3f4
2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366
2733125bb1f449b914af1d32ebde845b3c50a51c019a496800cdf87a59c03868
2abd616c43c16e7a2d01f1f1c761d6c12acf4b2ed9a9a411289ee3bb5a681ffe
2ada301d803d8f4b2ba210c9c57091378255ed54b96e4236a9e2ce587a2a4035
2da119f225c41462aac75d43578acd5b11ae3d808b86bc344b0f073e09b76a36
2decafc5cf4294748ddce0a03f26da5ac3b6e7457ffff77366c6418972223fee
2e365b77c849e5c99e4b3ad4567057b3d89fdcd8766989a1ae737d7b624c1dfa
2e58e1223a355ecc3c3b53e39bbfe8bae5462e46db81c59d08fe68e6560e20fb
2fd675ff7e925089e757f6e50f08052dbe48d4fad393e85e30bcd224a6e7806c
309f6d5473c7202c7bddef2bde5040f80a9b152b1114dfe3cd246ebfaef2d62d
30ded6783a90452509f44e170db5f61fcf2ec34d17d504b56c0ad83e943dbac0
31202265de5943547129442475ded42311f70ed4d654408be7b69dad8377b31c
34554cca1d68d1c952b6d12bc418b6a8cb251850675186c1d408fb63ae201110
350ec21950432989b52dbe6975ecaf21700d060b295d09291ed9d89c2f1213b2
356cb705daea0fc2936b15f146ae893aaf9c9527b69f2dcbfaefd1415caea154
369e065884f175984ed11bdaaab83fddd565df20acc44e5334e2949cf42b5b2b
38e239b28bb4d4d5c2d042051a405e452e37260c8078cc54c890fd355f7dc6fd
3a5cbd6426ff84a3a5f0276d79ebe0b514861cb352831aa33c3bf7615097619e
3b2ca87106a42f7abe3e25811d964541ff15c0d7bb40af06d4cb9e4940105dac
3ceb3d73867b1e6b7afd0ab69e54fc13efa43802621d11d59582e04f477012ff
3dddc9ec1713ed777eb9873d6911e812e11344360a7945ed6206ab09e1948b40
3eaba302c5939778c773699be49533773bb914e7ea0faf37c5e36aaa4a5a248c
3f81d41e3fc7c67c69d1ed06acbb4da5f05e3d8302401e6a2122e6be68722338
41197c7776ce34b7dac6b76ade42cf4a93d81a76248b1f18fd6447b957e14312
43b0c5e6b5a210e2320848562b23baae6292af7a5fc850f2bf431a7ce6d5b5fd
449a05234c179f92cedda0b99b2f16d311214393fcae0313dcd39f228d7c624f
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79
46054babe8f5c7b6c5ee9a553138a70d1eda3b4e73a2362bd9776aac1406c5cf
46281456234014ceb2a79bff447245de0f76b8d803be0738972ed374c3206c5b
46ab40b562cd1fc7a83fe12daa33bceef61e526b56d9d602a19e65290d27a28e
47a9d8273268080b0322dc3d9df62f1e7f92f3fcb2ac6007a5c3851fb3e66966
4c52f8663e425ce3a63bda863088a595d9e3842e1a139165d3804c1a96a655c8
51ca196f49a33e79e7870ff88ebd2829a3f627a51e7d690986618f0e7ad2b52d
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
547b8825f3c974f2f758a25e47cf5098cbb58e857e6b8fc50c7ac47d5cbe2187
54cf63c84f6217ccb34b4e5d85f100621b89222dead17d167a7c94eabc85e6b4
56047ab9429daa4a4e6c53d43315e73ffded1a10e58695f0d6974db779694771
567e5497158f9dd308454ab878d68afffc2c138d068768b2a6c9bac55b604c79
5737e1c0fc3597f0e9814f3ad3de666f6e7d80ffffe12e75e601f12b408c12d6
576fc25c3f65834484ca14dd12a798d7a399f771282954735f7c6f6d62356880
57aa25fd52daf74e309468d488608cf631a786632c949c74a945e5a6e4dd0ae2
57c62fbb170f13fbc815defe6f9b78f6a1295816c05b2904967e41b797caacdc
58031370c4fb1dd57a8034739c87dc5d01b9450628771cb11a98833e1f369d73
58c9bc08ff36fcb9be8b63956634ca0dabf6bdca71bef5cf325f06fe995f8fdb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
655a100ff41899945662f890510f4600495cce34b1b459c26542558734398170
6596973158664281184740637fe2448c051900dfdb9becfe91eaf49f847f4c16
66b50d0e69e1c6adeb3e52125a15f87f8f3fadabb92a2192de7d2f1e45bf7047
67a776da171e0d9378b619c15b0f5f82763f747d2b25dfb757f0a9693df25c1a
67f82a19cb170738bc742075566150217df797ca3d0c875a7b3fc703f8fde521
691491f1fc8badab623e1be56f92cc2d98c462b16617c67e1e288d6b061444bc
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
69c301ab22fbe3e5bcdd2f4aaec6147bc5031fe95cf9815dd965e5a99fa741ea
6a50d7df2b90fdbce127bfad53219dd16b73976a81d4cacf49d23714618636ee
6c1e865ee34b8c4a738f3ead1190213fa4dda5ae85287e74ad27949e243af89d
6c331288402b27f09f695e4a3a8a2f1fcc38180c57657735ec02aa2fe8b35e5f
6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31
71cc22d62f84961505f62c6b3f3c01de05bd127e5735173998af5d8c2eeba0d9
71fb999d0fd8958daeeb9c08a0e50456daff03dbb27f1d4d1bb75e859b7826da
7286a766a8ad98d1a79fb79bddacd935350c699e86d3491a8b745ec19afb21a0
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
77833aea253203e3d692a2484f8c2366662c3faf9fc2ae28b296fe3d43b8055c
7a2af62530efdefa141a3e551e9b807f8fa682ce989965e63ac011570d0af2be
83aebe348242682d7444a70af32100a640bbd707197046ba5bda967f5b99773e
854c59da152f6eee070e91bfcae8848f37d50546b827990c541e097d1b28a3e6
87dc4cd6fed71feb6ef061545810d93914709e26e986ae3a18acc8b924dcc649
87ed298254d63809205135bdafa57eb5c73d9b67e4a13a0c017c1b7b15445571
8890ec954757ea8e4801f49958afb76e2b8837c47fec5b16598fc20cbd49c220
8a69c0b54ae32fcbe2f3793ab7d3d2b922c50c21185c53d6834550ca9cc0b93f
8aa3120988ba45a5f184fc74f7329051d6fdd3ec15adf58ddea94f5ed12264e0
8bce6a937391e5dff18b68877137fcc549b93417cf62c805814a6596e3fd4744
8d8dae6da6d2e3ad368d4adbf20b92fef9ec3375382e2b02f21ab419454c5883
8e335d8dc8b456daadec6760d17009f150e44968eb59210adfba6fd23aa1da07
9033ef5674a2abb19e4b593f3ce0985be9d0df91c5a062365b17f1c555c30cfc
905b458ddb904b24d4ebc02c8c04b183c29558c3da3c2f99a1b9bb96661e3511
90b1b7ae664603d1a34fe99a66ea838160c71e0bb00006dd67e3883110d505a2
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
92888d6cd797daf905042769dfe8cf506825811e18fdac882b5441536bb0e5f7
93526c655d53809dc35ccb4532bf18c73ade17e215cb17a3695c8baf17c2ffe1
93c97f824fc2420620eb61d2165ce7c61a03028597936382e00512abf05235cd
979c9ad8d1390d488535737c2ef027ef9b09f73fa82e174037c03ee7197381cb
9846fd1f87a805011a249768b445e5c6cd432ea137d7993657150b0e3c9c199c
994053be31701f2690f72b6272156839f4658cdc6baa800989f0915bd9e72e39
9c6edfb7305332d09b0d4dc3dce7d5566bc16e09539991f3dad93d037e0d9d46
9c9d204b9d6df098abbbd2608b86e7a3a715c0e22002c01be8ead0b25de4a1c3
9dfd16a6747a06c4bc76ea3ecf9993a45a00b67a9769b37b00633a72c3500ce5
a077144bbdfbf1d8caaecfc8efe9b54b75d3e973754a85e156cedfe8b3468e80
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a344274dbd78d432fbdb112458b48e7a9e02e8fb3bca7228d6c3cb3528698d36
a3f9707a30673939378e46f85784294639d4646f4b62a67073ced76114ba0db2
a42d23041e2015412a733cd348ac0c3a11639ad490f4ac018e4557098cd8ea00
a50a8585ed1293bb8231beb0b375733179949e6693ffbee4befa3bc646c4a770
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
ad50315ed77c0fe6115a0e94ffcb22b55320dad23958cac968bf55cf4d66db02
ae3f71d6ed13c69994e7758983403b5c4640747d2f6769f17bceeb2089ab490d
ae518112939e965630dcee927343f8946b68c9e5763ca70e54ddaa759b417f09
aecf9bdf8d820acedd2fc970f17c745fa923042596c36357333842925f288fad
b1c0a646f80d98fef1d4bace9299c0c11a955079030218f3683a1e50f09138cf
b1e36127bb0d2a9520feb33a97a765d8a9e3ba766178ce3b6cae02aaac6ff540
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b4cb818d568c7007eb3e47494470ed0fd9495596448c34b8da18f31a68e2e4c4
b52284f9e5a84b45669fd91a447c44a5d9de9eafb4099a50339b8472f4b274f6
b53e61fb1b23a90820f05f4730a76dbbc835ba254eeb7f4cffff0675434e8ce7
b5dc2ce56a8ac2dd002fa28a52e8a923ba628a3d361fe02ae958471186a69e37
b720a1732fd37822bb011bbbeadcd7afb5b7ae85e5f1f512162264a51a2f3082
ba08a5b97e9b4cc87166f30bb8892cac73f80fcfcda8eec215f5b86162ee2ff8
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
bbdaaa50ee01c331f7d2dfdcfb57cebd61bf05b78f49b390f6882896210daac5
bf4d41405a91e392ca581607a1267581ecd08372786ae34e6f66b19fc0bdc292
c0eed8f45beafbac113cbf3a510957f10cec792b994ec6e4ec6de431d32dfeff
c23465a21dc20ca5105a9a0411bd5aa712b6dad3fa4b933546bdf0dcfdd5951d
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
c692f985566bf35bb634ee97c27df19e481cde3c90d5381167026e93a97638ff
c9c25edb0aa9bb48fb163715c26ae4404039ed8d54300f0ca7751daaede48654
cd9d980bcfeda09eac167fe53bce478cd70dbb8c57d983d1aa20b6ad0bfed894
ce8540381f18091f029dc3cecf532df272d8a514b496d7b07ee4cd30cad83fd9
ceb167e215cbb04758af6564d8759c52ec3b39467048ffddcc0b6eff69ccd3d9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff60e2843db9ee172432c39acbb4d6229b7726372e389788c216f4f06b1a417
d035ebedf46b02cbd59b7ee6dfc775b509501b9777003f924d19d8e64354196b
d09cf4f0c6fd1b0e9587e4315cc0ef7cc891323ea0fac43a8b0146823f67dc16
d17e84af7ba998526041e90409fec0d80e0bf436fecd99cd94ea4124f1047141
d19375ea73bb822724423482cd6d0bd35af92589807b03ee6f175a449a781913
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
d469a76a055b5fca1566d30dead7bdea46a7c97379411e2ae32b7cb27d2e6773
d49e8f04be7ccbb69e87ae474ee50f6903b780451989e66d35ffc247a80510fe
d4d8323a23def3b63d0f9b4b088f64859a13b38c06ceb61dd5dd912d21c285b4
d57c9988fd444e67c4513849870037d0dc6d7c44e8d214140ae8877932081860
d5eac55e658e4745b0e1eea667eaf816ac56afadbfcb8035065500515ce53f59
d6fea580c3b7b818a29c50faa7b0289362d6fd47f9d0773027da496a725cd308
d760d0ab0d0ae3e940a6861a1127e98edb2cef410deb337d39f210e02cb416cf
d931bfe4b9f39f318e84dc593cdc78fe4f5e463fe4c1fd2a6b72ed583ebaf872
d9f29e3282e0913f53add57b73e3f60697db0a1e73a33137b78ed1bef74466a8
dc84a7bc265732fe67533e51027bf16328fd754d23b1607a4224036ac4f093e7
dce15d045b8e48f9526e7b195019e1a80bdf2606a0addb19e4a0b8b9ac8a5109
e1e723af99ffd849974a90e9b6a0acd722ad003a95078a121a07a9110cf06e37
e27e2d39764147705fc04731353d4a62ea222cf3171484e7f401f99fe98a167d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ec1cf402dd6b4994e1f3b1b96d699a9e1abd2369046f83547068adea6b959
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e80de1843f75ef01d74ba38b8848cd214b3a9a9b3f1d1e744d8b2550dd3e5e9e
e8cddf210fe0f51472143048578cbfa5e096fe443071a9569fccc7062d897689
e9982f6a9584c5c250e7ba0631f3847f71c34521a62f7ab3a16ab471fca305e2
ea47742e94e6a95b08832e9e5875a5a73ab2ea3bc740e6938d927c39e03273bf
ed4c962cc273cedf6fb8550b3a486ad3de75fe6852351afdf4e295a297305c09
f0ac30a82412c03f509ad4eddbffa48a061a6935d14e0abbe6af65360b2f18df
f12b25b46a0b921760a14d2c567fed884bad518224e3d5de8ef6fe734eb3a706
f1ba99b9e447f01ed7ec46c6ad3c39b0530a03e25630ae191bcf988d907d93bb
f21c4265854b78ebfd30e7fecee48ab178a601f9d4c8ba0fdd09a163b1bad039
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4531452d3505fc6c0c886eaf6d79aa3af695b9f83d9d0d389b17636ade9b8b7
f5dfc4fd27ec2ab791cd3bf994454542d05f7a798854306d3de82d97f76b0ba3
f77b0c9930b3716e49e3b96aaee9c65529cd709128b5d98a7b799f141c3a2246
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f80c7a28c7780081af8b273543b91fc9a1f29fbe2891e5f67218e4952bd2154a
fd16b7eb849a06813ac6ff4d777359f2e7a8c06e7bb7310e95b69fb1f15436cd
fdfb2b0bc29df361e537d1abcaa3ed1ed32d12b86279aac800d378b82bc38ec9
fe84baf06dbe2a5acad027f0918e8857ae277eb4d8c56c28654477c32e001475
ff8bbeed09c55ffbff2607d7e8751d9889df3a3bd6f213f0e5607246fa89e17b

preprod.presstelegram.com Open in urlscan Pro 192.0.66.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

227 Requests

94 %HTTPS

0 %IPv6

42 Domains

59 Subdomains

51 IPs

6 Countries

13088 kBTransfer

58561 kBSize

17 Cookies

100 Outgoing links

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

preprod.presstelegram.com Open in urlscan Pro
192.0.66.184 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

94 %
HTTPS

0 %
IPv6

42
Domains

59
Subdomains

51
IPs

6
Countries

13088 kB
Transfer

58561 kB
Size

17
Cookies

227 HTTP transactions
4 data transactions