eu.telegram.com Open in urlscan Pro
151.101.114.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.telegram.com/
Effective URL:
https://eu.telegram.com/
Submission: On May 13 via manual (May 13th 2021, 10:48:17 pm UTC) from US

Summary HTTP 444 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 81 IPs in 10 countries across 80 domains to perform 444 HTTP transactions. The main IP is 151.101.114.62, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is eu.telegram.com.
TLS certificate: Issued by R3 on April 2nd 2021. Valid for: 3 months.

This is the only time eu.telegram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	151.101.14.62 151.101.14.62	54113 (FASTLY) (FASTLY)
1 66	151.101.114.62 151.101.114.62	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
8	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
1	13.224.95.44 13.224.95.44	16509 (AMAZON-02) (AMAZON-02)
2 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.216.138.147 52.216.138.147	16509 (AMAZON-02) (AMAZON-02)
1 5	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
8	54.76.119.149 54.76.119.149	16509 (AMAZON-02) (AMAZON-02)
1	34.249.39.204 34.249.39.204	16509 (AMAZON-02) (AMAZON-02)
2	199.232.137.181 199.232.137.181	54113 (FASTLY) (FASTLY)
2 5	13.224.95.18 13.224.95.18	16509 (AMAZON-02) (AMAZON-02)
8	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	152.199.21.35 152.199.21.35	15133 (EDGECAST) (EDGECAST)
6	213.19.162.31 213.19.162.31	26667 (RUBICONPR...) (RUBICONPROJECT)
6	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
31	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
15	134.209.129.254 134.209.129.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	3.121.66.29 3.121.66.29	16509 (AMAZON-02) (AMAZON-02)
6	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7 18	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
8	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b140:28d8:9783:2a08:4b54	14618 (AMAZON-AES) (AMAZON-AES)
1	52.86.196.188 52.86.196.188	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
4 14	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2	52.44.181.48 52.44.181.48	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.95.54 13.224.95.54	16509 (AMAZON-02) (AMAZON-02)
4	184.25.115.31 184.25.115.31	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.211.168.6 35.211.168.6	15169 (GOOGLE) (GOOGLE)
15	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
3 18	3.124.79.200 3.124.79.200	16509 (AMAZON-02) (AMAZON-02)
5 5	206.189.254.17 206.189.254.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	185.29.132.69 185.29.132.69	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7 7	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
11 12	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
25 35	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 5	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3 6	52.46.130.13 52.46.130.13	16509 (AMAZON-02) (AMAZON-02)
3 3	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	213.155.156.185 213.155.156.185	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1 25	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
6 6	18.194.69.213 18.194.69.213	16509 (AMAZON-02) (AMAZON-02)
4 4	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
4 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.148 178.162.133.148	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	52.59.102.119 52.59.102.119	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
4 6	52.209.246.140 52.209.246.140	16509 (AMAZON-02) (AMAZON-02)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	162.55.6.213 162.55.6.213	24940 (HETZNER-AS) (HETZNER-AS)
2	63.251.232.170 63.251.232.170	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
6 6	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 4	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
2 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 4	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
4 4	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2 2	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	94.23.73.243 94.23.73.243	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3039::6815:c01a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	18.159.187.109 18.159.187.109	16509 (AMAZON-02) (AMAZON-02)
1 1	54.175.198.118 54.175.198.118	14618 (AMAZON-AES) (AMAZON-AES)
1	38.27.122.101 38.27.122.101	174 (COGENT-174) (COGENT-174)
1 1	34.254.122.11 34.254.122.11	16509 (AMAZON-02) (AMAZON-02)
1 1	35.174.135.52 35.174.135.52	14618 (AMAZON-AES) (AMAZON-AES)
444	81

44 151.101.14.62 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

www.telegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user.telegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticassets.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 151.101.114.62 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

eu.telegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cpt-static.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-44.zrh50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.138.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

gh-static-resources.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dispatch-resources.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.137.44 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.76.119.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.39.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-39-204.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.95.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-18.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 152.199.21.35 (United States)

ASN15133 (EDGECAST, US)

adserver.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

gannett-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 134.209.129.254 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.66.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-66-29.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.33.221.52 (Amsterdam, Netherlands) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:28d8:9783:2a08:4b54 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.196.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-196-188.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.248.242.197 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.181.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-181-48.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-54.zrh50.r.cloudfront.net

cdn.gatehousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.168.6 (North Charleston, United States)

ASN15169 (GOOGLE, US)

sofia.trustx.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 3.124.79.200 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 206.189.254.17 (North Bergen, United States) 5 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.29.132.69 (United Kingdom) 8 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 7 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.6.247 (Denmark) 11 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.185.66 (United States) 25 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:110:c305::8000 (United Kingdom) 4 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.130.13 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.191 (United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.185 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.59.148.16 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: ns3181477.ip-146-59-148.eu

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1957 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.194.69.213 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.196.115 (Luxembourg) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.148 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1.go.sonobi.com

go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.143.124 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.102.119 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.209.246.140 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.6.213 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (United Kingdom) 6 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Hjørring, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.202.251 (Amsterdam, Netherlands) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.107.212 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.73.243 (Lisbon, Portugal) 1 redirects

ASN16276 (OVH, FR)
PTR: ip243.ip-94-23-73.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c01a (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.187.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.198.118 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.101 (United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.122.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.135.52 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	pubmatic.com 1 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	219 KB
59	gannettdigital.com cpt-static.gannettdigital.com staticassets.gannettdigital.com	353 KB
47	gannett-cdn.com www.gannett-cdn.com api.gannett-cdn.com	1 MB
38	doubleclick.net 25 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	134 KB
31	openx.net gannett-d.openx.net eu-u.openx.net us-u.openx.net	8 KB
23	adnxs.com 7 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	98 KB
21	3lift.com 3 redirects tlx.3lift.com eb2.3lift.com	9 KB
20	serverbid.com 5 redirects e.serverbid.com sync.serverbid.com	2 KB
19	rubiconproject.com 5 redirects fastlane.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com secure-assets.rubiconproject.com pixel-us-east.rubiconproject.com	31 KB
14	adsrvr.org 4 redirects match.adsrvr.org	5 KB
14	amazon-adsystem.com 3 redirects c.amazon-adsystem.com s.amazon-adsystem.com	40 KB
12	adform.net 11 redirects c1.adform.net	5 KB
10	casalemedia.com 2 redirects htlb.casalemedia.com as-sec.casalemedia.com ssum-sec.casalemedia.com	5 KB
10	criteo.com bidder.criteo.com gum.criteo.com dis.criteo.com	2 KB
10	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com	15 KB
9	yahoo.com 7 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com	6 KB
9	taboola.com 1 redirects cdn.taboola.com trc.taboola.com trc-events.taboola.com match.taboola.com	211 KB
9	cookielaw.org cdn.cookielaw.org	174 KB
8	mathtag.com 8 redirects sync.mathtag.com	4 KB
8	sonobi.com apex.go.sonobi.com go.sonobi.com sync.go.sonobi.com	5 KB
8	tinypass.com cdn.tinypass.com experience.tinypass.com buy.tinypass.com api-v3.tinypass.com	288 KB
7	quantserve.com 7 redirects pixel.quantserve.com	3 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	136 KB
7	google.com news.google.com play.google.com	66 KB
6	bidr.io 4 redirects match.prod.bidr.io	3 KB
6	bidswitch.net 6 redirects x.bidswitch.net	3 KB
6	adtechus.com adserver.adtechus.com	348 B
5	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	27 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	exelator.com 2 redirects loadm.exelator.com	6 KB
4	semasio.net 2 redirects uipglob.semasio.net	2 KB
4	fiftyt.com 2 redirects visitor.fiftyt.com	2 KB
4	1rx.io 4 redirects sync.1rx.io	2 KB
4	betweendigital.com 4 redirects ads.betweendigital.com	2 KB
4	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	1 KB
4	liadm.com 1 redirects rp.liadm.com rp4.liadm.com idx.liadm.com	2 KB
4	telegram.com 2 redirects www.telegram.com eu.telegram.com user.telegram.com	43 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	zemanta.com 3 redirects b1sync.zemanta.com	903 B
3	bing.com c.bing.com	961 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	tapad.com 1 redirects pixel.tapad.com	616 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	playground.xyz 2 redirects ads.playground.xyz	726 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	674 B
2	dotomi.com pubmatic-match.dotomi.com	207 B
2	bidtheatre.com 2 redirects match.adsby.bidtheatre.com	1 KB
2	turn.com 2 redirects ad.turn.com	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	adgrx.com cm.adgrx.com	816 B
2	loopme.me 2 redirects csync.loopme.me	392 B
2	adition.com 2 redirects dsp.adfarm1.adition.com	1002 B
2	advertising.com 2 redirects pixel.advertising.com	627 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	simpli.fi 1 redirects um.simpli.fi	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	984 B
2	trustx.org sofia.trustx.org	644 B
2	criteo.net static.criteo.net	53 KB
2	nr-data.net bam.nr-data.net	457 B
2	rlcdn.com api.rlcdn.com id.rlcdn.com	287 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	amazonaws.com gh-static-resources.s3.amazonaws.com dispatch-resources.s3.amazonaws.com	10 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	34 KB
2	polyfill.io cdn.polyfill.io	1 KB
2	onetrust.com geolocation.onetrust.com	632 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	gumgum.com 1 redirects rtb.gumgum.com	337 B
1	bnmla.com match.bnmla.com	114 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	644 B
1	deepintent.com match.deepintent.com	44 B
1	contextweb.com 1 redirects bh.contextweb.com	462 B
1	ad4m.at ad4m.at	992 B
1	erne.co 1 redirects green.erne.co	327 B
1	rfihub.com 1 redirects p.rfihub.com	773 B
1	emxdgt.com cs.emxdgt.com
1	de17a.com d5p.de17a.com	134 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	gatehousemedia.com cdn.gatehousemedia.com	37 KB
1	indexww.com js-sec.indexww.com	29 KB
444	80

	Domain	Requested by
58	cpt-static.gannettdigital.com	eu.telegram.com cpt-static.gannettdigital.com
41	www.gannett-cdn.com	eu.telegram.com cpt-static.gannettdigital.com buy.tinypass.com
35	cm.g.doubleclick.net	25 redirects eu-u.openx.net eb2.3lift.com
25	simage2.pubmatic.com	1 redirects ads.pubmatic.com
18	eb2.3lift.com	3 redirects www.gannett-cdn.com eb2.3lift.com
16	ib.adnxs.com	5 redirects eu.telegram.com eb2.3lift.com
15	eu-u.openx.net	www.gannett-cdn.com eu-u.openx.net
15	ads.pubmatic.com	www.gannett-cdn.com ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
15	e.serverbid.com	eu.telegram.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.pubmatic.com
14	match.adsrvr.org	4 redirects eu.telegram.com eu-u.openx.net eb2.3lift.com
12	c1.adform.net	11 redirects ads.pubmatic.com
10	us-u.openx.net	eu-u.openx.net
9	cdn.cookielaw.org	eu.telegram.com cdn.cookielaw.org
8	image2.pubmatic.com	ads.pubmatic.com
8	sync.mathtag.com	8 redirects
8	bidder.criteo.com	eu.telegram.com static.criteo.net
8	pixel.adsafeprotected.com	eu.telegram.com
8	c.amazon-adsystem.com	cpt-static.gannettdigital.com eu.telegram.com
7	pixel.quantserve.com	7 redirects
6	match.prod.bidr.io	4 redirects ads.pubmatic.com
6	x.bidswitch.net	6 redirects
6	s.amazon-adsystem.com	3 redirects eb2.3lift.com
6	www.gstatic.com	news.google.com www.gstatic.com
6	news.google.com	cdn.tinypass.com news.google.com eu.telegram.com www.gstatic.com
6	apex.go.sonobi.com	eu.telegram.com
6	gannett-d.openx.net	eu.telegram.com
6	hbopenbid.pubmatic.com	eu.telegram.com
6	fastlane.rubiconproject.com	eu.telegram.com
6	adserver.adtechus.com	eu.telegram.com
6	api.gannett-cdn.com	eu.telegram.com
5	pr-bh.ybp.yahoo.com	4 redirects ads.pubmatic.com
5	image6.pubmatic.com	ads.pubmatic.com
5	acdn.adnxs.com	www.gannett-cdn.com
5	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	www.gannett-cdn.com
5	sync.serverbid.com	5 redirects
5	buy.tinypass.com	cdn.tinypass.com eu.telegram.com buy.tinypass.com
5	sb.scorecardresearch.com	2 redirects cdn.taboola.com eu.telegram.com
4	sync-tm.everesttech.net	4 redirects
4	loadm.exelator.com	2 redirects ads.pubmatic.com
4	uipglob.semasio.net	2 redirects ads.pubmatic.com
4	visitor.fiftyt.com	2 redirects ads.pubmatic.com
4	sync.1rx.io	4 redirects
4	simage4.pubmatic.com	ads.pubmatic.com
4	trc-events.taboola.com	eu.telegram.com
4	token.rubiconproject.com	4 redirects
4	ads.betweendigital.com	4 redirects
4	eus.rubiconproject.com	www.gannett-cdn.com eus.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
4	as-sec.casalemedia.com	eu.telegram.com
4	htlb.casalemedia.com	eu.telegram.com
3	pixel.rubiconproject.com
3	ups.analytics.yahoo.com	3 redirects
3	mwzeom.zeotap.com	ads.pubmatic.com
3	pixel.onaudience.com	3 redirects
3	b1sync.zemanta.com	3 redirects
3	c.bing.com	eb2.3lift.com
3	tlx.3lift.com	eu.telegram.com
3	securepubads.g.doubleclick.net	cpt-static.gannettdigital.com eu.telegram.com securepubads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	pixel.tapad.com	1 redirects ads.pubmatic.com
2	secure.adnxs.com	2 redirects
2	ads.playground.xyz	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	pubmatic-match.dotomi.com	ads.pubmatic.com
2	match.adsby.bidtheatre.com	2 redirects
2	ad.turn.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	cm.adgrx.com	ads.pubmatic.com
2	csync.loopme.me	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	trc.taboola.com	1 redirects eu.telegram.com
2	pixel.advertising.com	2 redirects
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sofia.trustx.org	eu.telegram.com
2	static.criteo.net	www.gannett-cdn.com eu.telegram.com
2	bam.nr-data.net	js-agent.newrelic.com eu.telegram.com
2	idx.liadm.com	eu.telegram.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	cdn.taboola.com	cpt-static.gannettdigital.com cdn.taboola.com
2	confiant-integrations.global.ssl.fastly.net	cpt-static.gannettdigital.com confiant-integrations.global.ssl.fastly.net
2	cdn.polyfill.io	eu.telegram.com
2	geolocation.onetrust.com	eu.telegram.com cdn.cookielaw.org
2	eu.telegram.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	rtb.gumgum.com	1 redirects
1	match.bnmla.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	match.taboola.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	ad4m.at	ads.pubmatic.com
1	green.erne.co	1 redirects
1	pixel-us-east.rubiconproject.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	p.rfihub.com	1 redirects
1	sync.go.sonobi.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	secure-assets.rubiconproject.com	1 redirects
1	go.sonobi.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	cs.emxdgt.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	ads.yahoo.com
1	id.rlcdn.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	d5p.de17a.com	ads.pubmatic.com
1	gum.criteo.com	static.criteo.net
1	api-v3.tinypass.com	cdn.tinypass.com
1	js-agent.newrelic.com	eu.telegram.com
1	play.google.com	www.gstatic.com
1	fonts.gstatic.com	news.google.com
1	staticassets.gannettdigital.com	buy.tinypass.com
1	dispatch-resources.s3.amazonaws.com	buy.tinypass.com
1	cdn.gatehousemedia.com	eu.telegram.com
1	experience.tinypass.com	eu.telegram.com
1	api.rlcdn.com	eu.telegram.com
1	rp4.liadm.com	eu.telegram.com
1	rp.liadm.com	1 redirects
1	cdn.tinypass.com	cpt-static.gannettdigital.com
1	static.adsafeprotected.com	cpt-static.gannettdigital.com
1	user.telegram.com	eu.telegram.com
1	gh-static-resources.s3.amazonaws.com	eu.telegram.com
1	js-sec.indexww.com	cpt-static.gannettdigital.com
1	cdn.adsafeprotected.com	cpt-static.gannettdigital.com
1	www.telegram.com	1 redirects
444	127

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
puzzles.usatoday.com
user.telegram.com
www.facebook.com
twitter.com
www.telegram.com
www.worcestermag.com
help.telegram.com
cm.telegram.com
tcf.cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
telegram.com R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-11` - `2022-03-26`	10 months	crt.sh
usatoday.com R3	`2021-04-11` - `2021-07-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.adtechus.com GeoTrust RSA CA 2018	`2019-08-07` - `2021-08-07`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
e.serverbid.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.gatehousemedia.com Amazon	`2020-07-31` - `2021-08-31`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-13` - `2022-04-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
sofia.trustx.org Sectigo RSA Domain Validation Secure Server CA	`2020-12-15` - `2021-12-29`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-11` - `2021-06-30`	2 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
visitor.fiftyt.com GTS CA 1D4	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh

This page contains 58 frames:

Primary Page: https://eu.telegram.com/
Frame ID: D6E7853EC8DD01093C52AFBF17A576B6
Requests: 281 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Frame ID: 05D4DDFF90233D5E2B273C2A21746EDE
Requests: 7 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450262
Frame ID: A9B282C7CF727455EA6839BCBB6C8FA8
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eu.telegram.com&gdpr=1&gdpr_consent=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA
Frame ID: 373244D06CC5FF146569C074C9467592
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 605704FFCB65F5876687803040433B60
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F0B34428ED8A0F1C5D8BD07C0B3A94E0
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 5D5B04C9E1EFD5EE228E976E0DB8DCE1
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Frame ID: 1742490446B5C07A427117A11E71CF24
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: E58160E53C5FDFCA1D34AAA231A7A7BA
Requests: 11 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Frame ID: A2BE5C564A182A74878ACDA489BCC818
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Frame ID: A39D3E304E84BEB3577F52FC244227A2
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 542DBD7C3403E225316EE948CC1E792A
Requests: 15 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Frame ID: E7440709CA2B28B6092DD2FCFEFE7094
Requests: 7 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Frame ID: CE776AD7E4C49E75CE1167AD903CEEEE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9D5082614A5301A8F54A09B6269E892B
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Frame ID: 0C3AEBF541CF61FFFABF8FBF9800857E
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Frame ID: F1D0099CBFB13ADA875B5ABBE048FEF0
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: FED883AFF51651664C38431CABAA764F
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 17D0008A6767F1BC8CC9471B4EB088E8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 35A0B69BB91A8CA06379EADC81A52229
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 0C5EC26E7BB66C20462E846A79E27DBB
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Frame ID: 103E1EED4B05F6086E884CD6C3576262
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E1291682BE0879D97A1E51DFBCFC7362
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 01F437A73ADC8D407967D56CC004DEF3
Requests: 4 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Frame ID: 5B3AA824F6F8478106F71F2C786E770D
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 198AB53C317A25C0B96FA63858A70F1B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A64712FA870B127414D2B28DB942F99D
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Frame ID: 776DDAEDA3C5FAD70181159312EA1178
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=20DE3B59-0789-40C7-AC9C-7188397253B0
Frame ID: 8DA5B868F0868D122E5979063CB186AE
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 792E033CBEEDCCD9F868C2CCF79BECB6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D386092C5452C87771A9643D43E737CF
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Frame ID: BE98D0502826C4002BC56054F1C6D092
Requests: 1 HTTP requests in this frame

Frame: https://go.sonobi.com/uc.html?pubid=e55fb5d7c2
Frame ID: 231E8A7A160897086EB9532652566F57
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 3833E20A7E487289DD5A3CD0D297BEAD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Frame ID: 555EFAB076380C8C49E4DF848AFC6839
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 030190216A4CBFD453A3DB91001CBB35
Requests: 6 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: F8233877D477227AABD59F9A6D4981D3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427955755159
Frame ID: BBDDF87122B2FA59D09C4E4260C80933
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: D59D44130678D613CD53C36D2EA61998
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F14F3E7948E357CDB5F28BAD790F01FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003
Frame ID: C57B8EE0C80073FC2F3646FBEF8B577B
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 2A04D52F6EF6F22360F7645DE398EB54
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427956213911
Frame ID: 55FBEEABA616764408A9A67C1B3ACC77
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: CF4EC1B35EED01A0AA6672E1EBAE819C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 3F5FEA0A9A99019A58B65C57194F7952
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003
Frame ID: 928704DFC7F0BDB0E620D292ACFBC301
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=f5FwqZU2HMX2IS0BpvpOWzUY
Frame ID: DC6864F59CC0B1542A67C4DD0E69F629
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: A94B0C4A2E7EF9AA1B87E320C3E78E06
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A62BF7EB55125E4D525ACAF416CD898B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=PJNZBYYHT7lZ&pid=557219
Frame ID: C803FC0992BFCCE423037876596E4A65
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 34886EDCBB7157BEF13FB7270AD08F7E
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eb0baa40-b20c-4925-876a-2acf38a218a2-tuct7973227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: FE20BF144DD864D80BD6E5B3EC987A1E
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: 49DED0832FC0A9FF99BFEE4ED392AC3D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:nRm3TebO1LHk7K5&gdpr=0&gdpr_consent=
Frame ID: 35B63F9D39C224D8FD64B5BDD04645F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D5UQG3WDSeRhE-_i9rj9GFm7vcQ
Frame ID: 55EF0FC54379F98DDA29AE60D0C4E962
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: F9C4CC36985E06A9C36F45AA351B2DA3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:632947A829F44408B4EF02A67905A53A
Frame ID: 66224440E5DDFE506C57D998BC340F99
Requests: 1 HTTP requests in this frame

Frame: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=20DE3B59-0789-40C7-AC9C-7188397253B0
Frame ID: 6363A41E08D7755995520E77F7A39E03
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.telegram.com/ HTTP 302
http://eu.telegram.com/ HTTP 301
https://eu.telegram.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

444
Requests

100 %
HTTPS

19 %
IPv6

80
Domains

127
Subdomains

81
IPs

10
Countries

3204 kB
Transfer

9053 kB
Size

19
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.legacy.com/obituaries/telegram/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://puzzles.usatoday.com/
Title: Crosswords

Search URL Search Domain Scan URL

URL: https://user.telegram.com/user/enewspaper/
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=799166637286658&redirect_uri=https://eu.telegram.com/&link=&name=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA%20%20via%20@telegramdotcom
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/13/covid-19-vaccination-dr-matilde-castiel-superintendent-maureen-binienda/5057139001/
Title: Worcester schools to host COVID-19 vaccine clinics for students

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/crime/2021/05/13/leominster-video-store-owner-charged-organized-retail-crime-ring/5076648001/
Title: Police: Leominster video store owner ran retail crime ring, with $1 million in sales

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/12/leicester-police-shootings-police-chief-kenneth-antanavica/5044339001/
Title: Leicester police find support from community following shooting at their station

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/sports/college/2021/05/13/holy-cross-polar-park-college-football/5081111001/
Title: Holy Cross football to play at Polar Park this fallcollege

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/13/nonprofit-seeking-demolish-former-st-peter-marian-building-build-retirement-community/5079097001/
Title: Nonprofit seeking to demolish former St. Peter-Marian building, build retirement communitynews

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/good-news/2021/05/13/thomas-s-green-public-service-awards-worcester-regional-research-bureau/5073107001/
Title: Research Bureau honors six with Thomas S. Green Public Service Awardsgood-news

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/12/worcester-groups-renew-calls-civilian-police-review-board/5060565001/
Title: For SubscribersWorcester groups renew calls for civilian police review boardnews

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/12/st-vincent-hospital-hiring-permanent-replacement-nurses-during-strike/5065133001/
Title: Two months into strike, St. Vincent to hire permanent replacement nursesnews

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/13/worcester-man-arrested-april-double-shooting/5075168001/
Title: Worcester man arrested for April double shootingnews

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/13/smile-city-offers-passport-central-mass-cultural-locations/5070759001/
Title: Smile City offers 'passport' to Central Mass. cultural locationsnews

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/12/brimfield-flea-market-reopens-has-busy-day-smaller-scale/5060284001/
Title: Welcome back, shoppers! Brimfield flea market reopens at smaller scalenews

Search URL Search Domain Scan URL

URL: https://www.worcestermag.com/story/entertainment/2021/05/13/sprinkler-factory-gallery-staying-active-exhibitions-and-6-5th-annual-artraiser/7400628002/
Title: Sprinkler Factory Gallery keeping art turned on and running entertainment

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/sports/high-school/2021/05/13/saturdays-shepherd-hill-oxford-baseball-game-dedicated-former-pirate-star-dan-clem/5060146001/
Title: For SubscribersSaturday's Shepherd Hill-Oxford baseball game dedicated to former Pirate star Dan Clemhigh school

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/12/covid-candy-szymanski-mercantile-center-vaccination-clinic-umass-memorial/5037491001/
Title: Convenience: Mercantile Center vaccination clinic now serving walk-insnews

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/13/st-vincent-nurses-strike-stand-firm-against-replacement-hiring/5072994001/
Title: For SubscribersStriking St. Vincent nurses stay resolved in face of replacement hiresnews

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/sports/college/2021/05/13/bentley-womens-basketball-barbara-stevens-southbridge-naismith-memorial-basketball-hall-of-fame/5071861001/
Title: For SubscribersWorth the wait: Hall of fame enshrinement finally here for Bentley coach Barbara Stevenscollege

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/business/2021/05/13/drew-food-mart-faces-second-violation-six-months-selling-liquor-minor/5071742001/
Title: Drew Food Mart faces second violation in six months for selling liquor to minorbusiness

Search URL Search Domain Scan URL

URL: https://www.telegram.com/story/news/2021/05/13/city-holding-line-water-rates-fiscal-2022/5068381001/
Title: City holding the line on water rates for fiscal 2022news

Search URL Search Domain Scan URL

URL: https://help.telegram.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://cm.telegram.com/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://cm.telegram.com/privacy-policy/
Title: Your California Privacy Rights/Privacy Policy

Search URL Search Domain Scan URL

URL: https://cm.telegram.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.telegram.com/sitemap/
Title: Site Map

Search URL Search Domain Scan URL

URL: http://cm.telegram.com/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://cm.telegram.com/ethical-conduct/
Title: Our Ethical Principles

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new window

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.telegram.com/ HTTP 302
http://eu.telegram.com/ HTTP 301
https://eu.telegram.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://rp.liadm.com/p?wpn=prebid&us_privacy=1---&pu=https%3A%2F%2Feu.telegram.com%2F&ext_gup_anonid=44198be2-b43d-11eb-aa1a-b2a682172c97&duid=ec5a113e48e4--01f5kymm2f5qbmm1hjdyxcpj7s&se=e30&dtstmp=1620946079826 HTTP 302
https://rp4.liadm.com/p?wpn=prebid&us_privacy=1---&pu=https%3A%2F%2Feu.telegram.com%2F&ext_gup_anonid=44198be2-b43d-11eb-aa1a-b2a682172c97&duid=ec5a113e48e4--01f5kymm2f5qbmm1hjdyxcpj7s&se=e30&dtstmp=1620946079826&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Request Chain 159

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620946079940&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=https%3A%2F%2Feu.telegram.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620946079940&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=https%3A%2F%2Feu.telegram.com%2F&c9=

Request Chain 160

https://sb.scorecardresearch.com/b?c1=2&name=https%3A%2F%2Feu.telegram.com%2F&c2=6035223&templatetype=homefront&category=home&comscorekw=home&ns__t=1620946079941&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=https%3A%2F%2Feu.telegram.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Feu.telegram.com%2F&c2=6035223&templatetype=homefront&category=home&comscorekw=home&ns__t=1620946079941&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=https%3A%2F%2Feu.telegram.com%2F&c9=

Request Chain 298

https://sync.serverbid.com/ss/1035847.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Request Chain 302

https://sync.serverbid.com/ss/1035847.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Request Chain 304

https://sync.serverbid.com/ss/1035847.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Request Chain 305

https://sync.serverbid.com/ss/1035847.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Request Chain 316

https://sync.serverbid.com/ss/1035847.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Request Chain 318

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7447609d-aca3-4100-8c94-4c23cb221313

Request Chain 319

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=ehYlLS1FfXphEHl5dBcxcH1CeS1hFi5_eB99G8tP

Request Chain 320

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4789977084129649321

Request Chain 322

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Request Chain 323

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG9afWNQMvelUmID8dMrRVM&google_cver=1

Request Chain 324

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b5a3609d-aca3-4300-86a8-b4a9db451399

Request Chain 325

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=N6nPYWD6lzYsr5M1N_zbZDCsl2MsqcI3M6tetd4m

Request Chain 326

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9175981332745913064

Request Chain 328

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Request Chain 329

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECD-WicakzIEFNcn2Z12Vzc&google_cver=1

Request Chain 330

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ea2b609d-aca3-4f00-afe2-93ea60935240

Request Chain 331

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oNNv7_eAN7i71TLupYV7vaPXZ-67gGa989YvENn2

Request Chain 332

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8781643169251435430

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Request Chain 335

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbK9i0IaC_s6d2W_8XBk9M&google_cver=1

Request Chain 336

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=49cb609d-aca3-4300-b698-d9fdd5589988

Request Chain 337

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bi6nWjl9_w11KPsObXuzWG0vrlh1LK8Ia3_NeCtd

Request Chain 338

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3999295349391099040

Request Chain 340

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Request Chain 341

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL72Ex7nHGm_d5xrf9eggVU&google_cver=1

Request Chain 342

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6a4c609d-aca3-4800-9169-c7fa9df54ff3

Request Chain 343

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0NHyzoeCqpnL16_MgtfmzIOF-c_L1_qZgNZZm4XL

Request Chain 344

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3686206820970496617

Request Chain 346

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDOsVRJ7Ec0NTa3epIVVC_I&google_cver=1

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMNOFGmQo52eZNP3Vdk3GMw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 352

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

Request Chain 354

https://pr-bh.ybp.yahoo.com/sync/triplelift/3589570784207314902?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ndg5i4tE2oRyGduQWfu0itNRN7t_YxE11.PwV5TxRg--~A&dongle=0883

Request Chain 355

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 356

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3589570784207314902 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t

Request Chain 357

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 361

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEB9SYIJGSx2LTT1c3pwKXg8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 362

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

Request Chain 364

https://pr-bh.ybp.yahoo.com/sync/triplelift/3589570784207314902?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YYSB7_FE2oRw9hlFZ7Q2bc8XrVaNybY6l06Z.aHbmQ--~A&dongle=0883

Request Chain 365

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 366

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3589570784207314902 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t

Request Chain 367

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 371

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPQmAZ22Hrxx74JYWwS7EYk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 372

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

Request Chain 374

https://pr-bh.ybp.yahoo.com/sync/triplelift/3589570784207314902?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-P9Ulv7dE2oSDupRi0r86FLeWAfDDCtxMK.XFWZNDtQ--~A&dongle=0883

Request Chain 375

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 376

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3589570784207314902 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t

Request Chain 377

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 383

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IN47WQeJQMesnHGIOXJTsA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 384

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6a4c609d-aca3-4800-9169-c7fa9df54ff3

Request Chain 385

https://pixel.onaudience.com/?partner=214&mapped=20DE3B59-0789-40C7-AC9C-7188397253B0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=41651174-f288-45e2-bccc-359e1b36aa0e&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b883663a822bc6f8bf49101612c9294f HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=90d277e74b563101 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ccf5715a-81a2-4ff7-47ab-82540d6c28af&reqId=d45c23eb-819f-4c2c-6a6e-18d71d335fa2&zcluid=90d277e74b563101&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEMetyGX3t6f4xijalNQZof4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ccf5715a-81a2-4ff7-47ab-82540d6c28af&reqId=d45c23eb-819f-4c2c-6a6e-18d71d335fa2&zcluid=90d277e74b563101&zdid=1332

Request Chain 386

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjBERTNCNTktMDc4OS00MEM3LUFDOUMtNzE4ODM5NzI1M0Iw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 387

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENa2ptlGqUVE_i0MMvi3cOY&google_cver=1

Request Chain 389

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8781643169251435430

Request Chain 390

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&gdpr=0&gdpr_consent=

Request Chain 391

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41651174-f288-45e2-bccc-359e1b36aa0e

Request Chain 392

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8508457202069849777&gdpr=0&gdpr_consent=

Request Chain 394

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=20DE3B59-0789-40C7-AC9C-7188397253B0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=20DE3B59-0789-40C7-AC9C-7188397253B0&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ojFnB4JE2uWmu1c2Bvaj0bunKZbhVgk-~A&gdpr=0&gdpr_consent=

Request Chain 395

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=584edd72-8b24-5286-9d91-63dbfd0ccf7e&ssp=pubmatic&expires=30&user_group=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f0a2ca2-c8c1-47fe-b0a0-13b7805aebb3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKq4ca-j-rU_WQ_fTAUDSTU&google_cver=1

Request Chain 398

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a4c609d-aca3-4800-9169-c7fa9df54ff3

Request Chain 400

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09OSEZaWjItMU0tN0NXVw==&us_privacy=1---

Request Chain 401

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/onevscM7gkXbzaDTDJzxnsn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4663041577256940955

Request Chain 402

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmNiZmIxYWZiZjE4NzFkMTY4MDlmZTYzMDI2MzVlYTYwMTVjNmJhNg&us_privacy=1---

Request Chain 403

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KONHFZZ2-1M-7CWW&sigv=1&esig=2~f8a0f6ea67fa5a8957ae478b877bf784ae91863c&us_privacy=1---

Request Chain 406

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 408

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ2spxo0tEbmYJM5PLy-kwAA%261157

Request Chain 409

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=7fc4669db8bca923bf6c0b19

Request Chain 411

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP47dde0ab-b43d-11eb-a6a7-0667397c84b8 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP47dde0ab-b43d-11eb-a6a7-0667397c84b8

Request Chain 414

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=8508457202069849777

Request Chain 415

https://x.bidswitch.net/sync?ssp=consumable HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=consumable HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=584edd72-8b24-5286-9d91-63dbfd0ccf7e&ssp=consumable&expires=30&user_group=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=5f0a2ca2-c8c1-47fe-b0a0-13b7805aebb3

Request Chain 416

https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=1871597495050131844

Request Chain 431

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGeW4wN0JPMWtBQUN3UGJmYlN4dw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 432

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427955755159

Request Chain 433

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 435

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=474543212 HTTP 302
https://sync.1rx.io/usersync/tradedesk/41651174-f288-45e2-bccc-359e1b36aa0e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003

Request Chain 436

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=&fbounce=1

Request Chain 437

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 439

https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

Request Chain 440

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc

Request Chain 441

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3838452757625042263&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 442

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YJ2spwAA2aMRkABg HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ2spwAA2aMRkABg&gdpr=0&gdpr_consent=&_test=YJ2spwAA2aMRkABg

Request Chain 443

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d0e8c4ab-aaa5-4257-a674-9c918a1e8b7b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 445

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 446

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8508457202069849777

Request Chain 447

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=&fbounce=1

Request Chain 448

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 450

https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

Request Chain 451

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc

Request Chain 452

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFITk5FN0JPMWtBQUN6QmlEXzBPdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 453

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7873678023749006679&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 454

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427956213911

Request Chain 455

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YJ2spwAA9ESNEwAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ2spwAA9ESNEwAC&gdpr=0&gdpr_consent=&_test=YJ2spwAA9ESNEwAC

Request Chain 456

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4b31d0a1-aaaa-456d-a2bd-b00897cfc840&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 458

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 459

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 461

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8508457202069849777

Request Chain 462

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=920573577 HTTP 302
https://sync.1rx.io/usersync/tradedesk/41651174-f288-45e2-bccc-359e1b36aa0e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003

Request Chain 465

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=f5FwqZU2HMX2IS0BpvpOWzUY

Request Chain 467

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 468

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=PJNZBYYHT7lZ&pid=557219

Request Chain 470

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eb0baa40-b20c-4925-876a-2acf38a218a2-tuct7973227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 471

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Request Chain 472

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:nRm3TebO1LHk7K5&gdpr=0&gdpr_consent=

Request Chain 473

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D5UQG3WDSeRhE-_i9rj9GFm7vcQ

Request Chain 475

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:632947A829F44408B4EF02A67905A53A

Request Chain 477

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1685bc57-8707-48dc-836b-62378d257f28

Request Chain 478

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49f46451-b43d-11eb-8330-df093698d031&gdpr=0&gdpr_consent=

444 HTTP transactions
43 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
eu.telegram.com/
Redirect Chain

http://www.telegram.com/
http://eu.telegram.com/
https://eu.telegram.com/

173 KB
40 KB

87ms
28ms

Document
text/html

151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

7d6df36691fc6fdbebaeb41a0cffaba3ee361b412efa52c632596a9f4ae1d65a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

:method: GET
:authority: eu.telegram.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.15.2
content-type: text/html; charset=utf-8
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-robots-tag: noindex, nofollow
gannett-debug-path: region: east ---> region: east
gannett-debug-path-full: restarts: 0 ttl: 31536000.000 shield: false server: cache-hhn11527-HHN path: region: west >>>> restarts: 0 ttl: 31536000.000 shield: true server: cache-fra19139-FRA path: region: east ---> region: east
accept-ranges: bytes
date: Thu, 13 May 2021 22:47:58 GMT
age: 1120
set-cookie: gnt_eu=true; domain=.telegram.com; path=/; expires=Fri, 14 May 2021 04:47:58 GMT;
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=600
x-served-by: cache-fra19133-FRA, cache-hhn4022-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 2
x-timer: S1620946079.836909,VS0,VE0
content-length: 40876

Redirect headers

Server: Varnish
Retry-After: 0
Content-Length: 0
Location: https://eu.telegram.com/
Cache-Control: max-age=300
Accept-Ranges: bytes
Date: Thu, 13 May 2021 22:47:58 GMT
Via: 1.1 varnish
Connection: close
Set-Cookie: gnt_eu=true; domain=.(null); path=/; expires=Fri, 14 May 2021 04:47:58 GMT;
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=600
X-Served-By: cache-hhn4037-HHN
X-Cache: HIT
X-Cache-Hits: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
408 B 39ms
21ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 64ef6e80ff643248-FRA
cf-request-id: 0a0983649c00003248e323b000000001

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 30ms
12ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pE7xqZRyx6XQkryUB7ni+A==
age: 5023
vary: Accept-Encoding
content-length: 5801
cf-request-id: 0a0983649a00001e4739827000000001
x-ms-lease-status: unlocked
last-modified: Tue, 11 May 2021 01:48:10 GMT
server: cloudflare
etag: 0x8D9141ED5389DEE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5156aedd-801e-0080-2d15-467b4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64ef6e80fd5f1e47-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 37ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YyyuJSQqC/IlFtjhtrYhpg==
age: 5000
vary: Accept-Encoding
cf-request-id: 0a0983649a00001e47bf009000000001
x-ms-lease-status: unlocked
last-modified: Wed, 03 Mar 2021 08:12:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 092852fe-901e-00bd-3547-25ce6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 64ef6e80fd611e47-FRA

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 505 B
720 B 10ms
7ms Script
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=default,fetch,Array.prototype.find,IntersectionObserver,IntersectionObserverEntry,Intl,Intl.~locale.en-US

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7fbf2d6d7c216dc02e3ce82f157524b829a377018648ccb14cc994ab2242307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2482434
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 258
referrer-policy: origin-when-cross-origin
last-modified: Wed, 14 Apr 2021 07:25:02 GMT
date: Thu, 13 May 2021 22:47:58 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gallium.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 11 KB
4 KB 107ms
36ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f16dbe23bd8fbde489ab6a9dd3cea0a923de345292054587b8304e675b8cd8bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://eu.telegram.com
Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3450
x-served-by: cache-bwi5131-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.958831,VS0,VE1
etag: "9d4cfa8b4479f0101a58ee3de131cec1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 custom-elements-es5-adapter.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 938 B
766 B 34ms
31ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/custom-elements-es5-adapter.js

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
age: 596612
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 493
x-served-by: cache-bwi5150-BWI, cache-hhn4022-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.894646,VS0,VE1
etag: "8af5f1900788253d8384715a01425ab7"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 section.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/ 335 KB
84 KB 122ms
50ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/section.js

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1a8a8c93cecf52973b8df96a6d5740df952fb31e438d834e8e7fde5cb3255d06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://eu.telegram.com
Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
age: 325960
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 85491
x-served-by: cache-bwi5132-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.958925,VS0,VE1
etag: "0d34d12acbc1c55a9349dbffee7bde60"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 a8246feb-17e1-491c-ac5d-72ad491bc109-LOC_COVID_1211.jpg
www.gannett-cdn.com/presto/2021/01/18/NTEG/ 285 KB
285 KB 122ms
59ms Image
image/webp 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/01/18/NTEG/a8246feb-17e1-491c-ac5d-72ad491bc109-LOC_COVID_1211.jpg?crop=1999,1125,x0,y0
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9b2182667d2c3979d7af327043575e9c10ea86fa79199579666b34a870fda5d4

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=n8Ks3w==, md5=ej8QKilWqjhJCODr6OHQPQ==
date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 572367
x-guploader-uploadid: ABg5-UwyACxTIG_Yj4vw3heApntTMiXnbZvHLYjlnq2EKDysjysdlzMt3xBnSw448SJkoUsnCiuAJz9EUv8lf3EVsgVxykZOGg
x-cache: HIT, HIT
fastly-io-info: ifsz=736485 idim=2000x1534 ifmt=jpeg ofsz=291450 odim=1999x1125 ofmt=webp
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 291450
x-served-by: cache-bwi5121-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.992840,VS0,VE1
etag: "4lYxhKDOR2B5T+Pn1WP8quNRtSIwSnABDstvKHAt0h0"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 07 May 2021 07:48:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 bab43039-b111-490d-a535-70b4b752af33-merchandise.jpg
www.gannett-cdn.com/presto/2021/05/13/NTEG/ 24 KB
25 KB 92ms
29ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/13/NTEG/bab43039-b111-490d-a535-70b4b752af33-merchandise.jpg?crop=1999,1125,x0,y300&quality=50&width=512
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 110326cbfdbee4b4997f4603d24f98257ce3a3ce743ef9ed0fd952cf2179da8a

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=rNvwtg==, md5=lZnDVFFvno1/ctQDI2SRgw==
date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 17925
x-guploader-uploadid: ABg5-UxVmCXcZhtXrls2jKV4qCYpFRM2pRnv7qEM_aniFDaEZnx9oDm3TIKDs5Uofb_O7NwxtKhEucNWTXbETxZ_I9kIL82ECw
x-cache: MISS, HIT
fastly-io-info: ifsz=1629907 idim=2000x1500 ifmt=jpeg ofsz=24858 odim=512x288 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 24858
x-served-by: cache-bwi5162-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.993012,VS0,VE1
etag: "Slkx76WA7qUp+ivOFx5F/0r0a8pb80OxJCCSnEn1qL4"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 13 May 2021 17:49:13 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 2799d254-5ae8-4aa4-9f8a-7c9dbad6d6c0-Leicesterprocops5.jpg
www.gannett-cdn.com/presto/2021/05/12/NTEG/ 20 KB
20 KB 110ms
47ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/12/NTEG/2799d254-5ae8-4aa4-9f8a-7c9dbad6d6c0-Leicesterprocops5.jpg?crop=1279,720,x0,y0&quality=50&width=512
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0ffa811e6235eb9161705d13affdce21ff7c89cc3301b6c60263d387d0553d9a

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=8pplug==, md5=dGeSfMDbljx6UkMnS3iqdA==
date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 97323
x-guploader-uploadid: ABg5-UxVAxekN-v74NgdPngpnqPk4UrNeS8fRPic3UcAlfD_wu5y_N0zwIEmZX2xH3Z0vB3cn8mI7nK8Wwhkfp2g6xR4xgTPpQ
x-cache: HIT, HIT
fastly-io-info: ifsz=374906 idim=1280x960 ifmt=jpeg ofsz=20032 odim=512x288 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 20032
x-served-by: cache-bwi5166-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.993015,VS0,VE1
etag: "OzTmX96lrUptEWz8Qs2gnqblRgSJ71WGp76MCzPUq0o"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 May 2021 19:45:56 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 3839ab8b-0db4-4b60-b568-fe24b22b381c-LOC_Nurses_2.jpg
www.gannett-cdn.com/presto/2021/04/20/NTEG/ 19 KB
19 KB 122ms
59ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/04/20/NTEG/3839ab8b-0db4-4b60-b568-fe24b22b381c-LOC_Nurses_2.jpg?crop=1999,1125,x0,y155&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a00bbf9b34d69e3c435c780766f932a592a6784b2c22a1ac650746e1bc2e4f91

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=epVeeg==, md5=gWb8MvnX/FhddQI3t1mDzA==
date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 891855
x-guploader-uploadid: ABg5-Uy7KyHB7T-8L3WJHc_pcS352GT2gWzON9TivosM7Q6QeWgxvQ02FXMmlz59r8WLZ2w6hx9K1KzghaswjeRqmTg
x-cache: HIT, HIT
fastly-io-info: ifsz=1831572 idim=2000x1441 ifmt=jpeg ofsz=19441 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 19441
x-served-by: cache-bwi5135-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.993027,VS0,VE1
etag: "iUKP11CnSgIB4J+CmD3qPwgBq9Eu41r9i0w797gy5r0"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 03 May 2021 15:03:43 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 a5cfa0b2-9475-43d4-bf6f-9c24ab258dc1-IMG_5276.JPG
www.gannett-cdn.com/presto/2021/04/11/NTEG/ 9 KB
10 KB 109ms
46ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/04/11/NTEG/a5cfa0b2-9475-43d4-bf6f-9c24ab258dc1-IMG_5276.JPG?crop=5471,3078,x0,y278&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9b4647fb32d9a261858152507bd0e83f8e1448fff0ae5e5dc52e7d21004fd9de

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ggiepQ==, md5=Xis+f2gwqFs94v4c/fJRhQ==
date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 595687
x-guploader-uploadid: ABg5-UxaUDFciVax-LK9WRoTtZLf_2NrpHNxtgJsnwVr3qtjjr4D1wQhHC0L7DAheNBcysSJIRyURRD8ayX5yewNZ-h4zsgmiQ
x-cache: MISS, HIT
fastly-io-info: ifsz=3715278 idim=5472x3648 ifmt=jpeg ofsz=9661 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 9661
x-served-by: cache-bwi5131-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.993082,VS0,VE1
etag: "iKUyz3ebuvJAo0QRciuV5uu0sNUE+vvNvisuKXHdwsQ"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 07 May 2021 01:19:51 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 2287891a-4338-448e-aa17-901878534bcc-harveysmile1.JPG
www.gannett-cdn.com/presto/2021/05/13/NTEG/ 13 KB
14 KB 121ms
59ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/13/NTEG/2287891a-4338-448e-aa17-901878534bcc-harveysmile1.JPG?crop=2999,1687,x0,y152&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 72016adf7b9e801c465c1251614253c79e380f304c422b89f507313312e9e495

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=E1L11g==, md5=fsNx7ZYO+YZ13DllTU4pIw==
date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 25286
x-guploader-uploadid: ABg5-Uwf76kkR-QLL1DKs_EvAcYEQ_WwX5MLJ2P_77ETuFpGoJ7O2lJffYUxSVyhpkdMU7soO23799Wv9bYhz3B7tLmGnLWEUw
x-cache: HIT, HIT
fastly-io-info: ifsz=1110476 idim=3000x2000 ifmt=jpeg ofsz=13122 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 13122
x-served-by: cache-bwi5173-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.993116,VS0,VE1
etag: "tkEqbGPbajJm7JOZqWtp3EDOBDGgk2GvnuW4iTWua/I"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 13 May 2021 15:46:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 7a125fbc-5b66-40ed-98e2-807ea6a2e2dc-LOC_Brimfield_Fair__16.JPG
www.gannett-cdn.com/presto/2021/05/12/NTEG/ 22 KB
23 KB 70ms
68ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/12/NTEG/7a125fbc-5b66-40ed-98e2-807ea6a2e2dc-LOC_Brimfield_Fair__16.JPG?crop=1799,1012,x0,y114&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 74a75f0c55010c9e995d2b940d31684c68dec9c532198b291cfe6c3c5cadf559

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=OFsdOA==, md5=+xnQBsn2lPYW5sUUetdxtg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 94388
x-guploader-uploadid: ABg5-UwXWskoUtV-eD-aMUOO46yWtLleNiRwNlbulJKLcKMsfUykoXOXJtZ5iR08SofMINW30sE-Nheq2rxywB35R4U
x-cache: HIT, HIT
fastly-io-info: ifsz=2122814 idim=1800x1144 ifmt=jpeg ofsz=22646 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 22646
x-served-by: cache-bwi5157-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.012196,VS0,VE1
etag: "Q91eXAt6I9ZgMpoNbTgc1p/Zf0/I4j19cJoF1SXkCqI"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 May 2021 20:34:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 0b688395-0710-4f77-8fb7-7eaba85467a3-WMG_Sprinkler_5.jpg
www.gannett-cdn.com/presto/2021/05/09/NTEG/ 14 KB
14 KB 70ms
68ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/09/NTEG/0b688395-0710-4f77-8fb7-7eaba85467a3-WMG_Sprinkler_5.jpg?crop=1999,1125,x0,y312&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9497b3ef7400c8a101e237d8229e27c143f6f9dcb7c3f2f960b60acd9c95536b

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=NQMDNQ==, md5=noFaQD2mN15YkLp3N5924Q==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 368037
x-guploader-uploadid: ABg5-UwvW7fiuVfolCX5US-xeErC0QzAUT9TP36rDlxkO1sKLNNH-CrnsebAx40d5ixOmJIcl5UH0LKgUPJ1UmfJ5rM
x-cache: HIT, HIT
fastly-io-info: ifsz=1108955 idim=2000x1755 ifmt=jpeg ofsz=14381 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 14381
x-served-by: cache-bwi5182-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.012421,VS0,VE1
etag: "b4vY3fBXNivZ9DnILUBSjkD1S91a2tIrYaWRbYWTSTQ"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 09 May 2021 16:34:02 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 5f3de73d-53f3-4458-8c5c-22f77f4fb8e1-LEDE_2.jpg
www.gannett-cdn.com/presto/2021/05/12/NTEG/ 7 KB
8 KB 71ms
68ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/12/NTEG/5f3de73d-53f3-4458-8c5c-22f77f4fb8e1-LEDE_2.jpg?crop=384,216,x0,y147&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f28f9bad619b1dff45a1f2a145d9a0c843f203cc8316c77d48f3ae1a6aebcb04

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=puSq+g==, md5=2MFHJMi858vGXzSnAIarmg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 105851
x-guploader-uploadid: ABg5-Uw-8TaJnjvSTpbIyHj1zM8QKKeLuo0jp2ItaZeSXXNvF7onylX9ujTrybtv_yu--caaNk1JZOxJ83ZSvr833w
x-cache: HIT, HIT
fastly-io-info: ifsz=41002 idim=385x512 ifmt=jpeg ofsz=7635 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 7635
x-served-by: cache-bwi5153-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.012529,VS0,VE1
etag: "iRl45GwOOvYJtKzTkTg8Q+bqeIJusjrLomkQLOIKpTA"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 May 2021 17:23:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 04bee699-59ea-4711-bb66-18e35803d5d5-LOC_vaccination_CP_0506_1.JPG
www.gannett-cdn.com/presto/2021/05/06/NTEG/ 12 KB
12 KB 71ms
69ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/06/NTEG/04bee699-59ea-4711-bb66-18e35803d5d5-LOC_vaccination_CP_0506_1.JPG?crop=2399,1350,x0,y0&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: eaa1270759d89d733beccc6b8255025459dada23b352e6cacb4f1be9b15b8411

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/25gxA==, md5=1iLwR+ZuX5/NYQTIyhdcMg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 625266
x-guploader-uploadid: ABg5-Uw8w1FnjR2CcZH_nTVBXTF0BL6bLv-dOY7BHwInitu_Lsf3Hi5MtdELnZLG4puH_OI-n6vtq2qGJ5RbsXHLy9xxltVZqw
x-cache: MISS, HIT
fastly-io-info: ifsz=2900427 idim=2400x1804 ifmt=jpeg ofsz=12336 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 12336
x-served-by: cache-bwi5133-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.012524,VS0,VE1
etag: "6gtou0OArM0+iGU4CB0K5/LvuHuAy4YcfulMOhRAIGE"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 May 2021 17:06:53 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 337df2ec-a2a3-4491-968f-c645c6dce26e-LOC_Nurse_0513_1.jpg
www.gannett-cdn.com/presto/2021/05/13/NTEG/ 15 KB
15 KB 71ms
69ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/13/NTEG/337df2ec-a2a3-4491-968f-c645c6dce26e-LOC_Nurse_0513_1.jpg?crop=1999,1125,x0,y152&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e05f35949462455403ed845e7f9dbb91d56ed47409b85d38fa3d962dfba3edbf

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=31cjTA==, md5=gKkawgeRPsnrCAVFg0bkbg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 8896
x-guploader-uploadid: ABg5-UzRtHB_dqfsGG50fmJOatGqtDK8_KcnOF5y2wnAjg_F6rHkieoxZI0Tjw9FIVCEHnJJz6CgzLzSLSgNfySmzLA
x-cache: HIT, HIT
fastly-io-info: ifsz=844149 idim=2000x1523 ifmt=jpeg ofsz=14902 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 14902
x-served-by: cache-bwi5152-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.012790,VS0,VE1
etag: "LipU7l52CqDS+rn3EucbpkpbQpbGsOvKA5NwJKMgwe0"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 13 May 2021 20:19:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 12ec03f6-37c4-4f1d-a25c-780835cf54eb-stevens.JPG
www.gannett-cdn.com/presto/2021/05/13/NTEG/ 19 KB
20 KB 72ms
69ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/13/NTEG/12ec03f6-37c4-4f1d-a25c-780835cf54eb-stevens.JPG?crop=1779,1001,x0,y0&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5ed0e94f2aefb78e38ffbf679d5063e1e7283c883667f1672fafef5f59801645

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bW5+NQ==, md5=4o9JC8bJzJTD7TQtVO2Shw==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 8545
x-guploader-uploadid: ABg5-UzB75qCM5yjnn0H_uVDR1-KdeNBv8wvFB9L2x92Xyf9HbJtoHryUMWJ9zLZz6gmaGk8F0w8RNYlsaOFXU4JE1i9RrLR5Q
x-cache: MISS, HIT
fastly-io-info: ifsz=492137 idim=1780x1361 ifmt=jpeg ofsz=19678 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 19678
x-served-by: cache-bwi5127-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.012781,VS0,VE1
etag: "qHcyZNjrpl3JbizlhdrKPWHG6RcAGbhdM2j4juJQx5w"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 13 May 2021 20:25:33 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 2b02bdd4-e221-4c92-ab21-73ea9ba8414d-worcester_city_hall.jpg
www.gannett-cdn.com/presto/2020/12/23/NTEG/ 12 KB
12 KB 71ms
69ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2020/12/23/NTEG/2b02bdd4-e221-4c92-ab21-73ea9ba8414d-worcester_city_hall.jpg?crop=1739,979,x0,y205&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bb02056220ada55866c677a1b1f6e56df02b6a40d3e8afbf0435568ae865d600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Zne1YA==, md5=E/ZHFDSiShcxsRILmkuI9Q==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1163379
x-guploader-uploadid: ABg5-UzG8z02DJJT2_e23uL4e0xKqzGUlkg320_Z9JVDsDUt0SS4kZhSevkaj8-MoZqZjG4L-TbmZ_XikD_SxjXg2RA
x-cache: HIT, HIT
fastly-io-info: ifsz=177440 idim=1740x1373 ifmt=jpeg ofsz=11909 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 11909
x-served-by: cache-bwi5162-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.012756,VS0,VE1
etag: "vF1TRdYVh7FX4NENTFSTzr4Ig4qZfL8GAMyD5+rCZyU"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 30 Apr 2021 11:38:20 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 975ec171-2715-4f0c-9867-89370651e588-1012645020_MA_WTG_droughtover_01002.JPG
www.gannett-cdn.com/presto/2021/05/13/NTEG/ 13 KB
14 KB 72ms
70ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/13/NTEG/975ec171-2715-4f0c-9867-89370651e588-1012645020_MA_WTG_droughtover_01002.JPG?crop=1999,1125,x0,y101&quality=50&width=448&height=252
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8c999e74f987143a4c42cbdf7250f4b73b7ad34984ddb62222a8b0a5d1bf18d0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=qIkKYg==, md5=mbOaz3f6VKgMTdARpe+F9w==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 28364
x-guploader-uploadid: ABg5-Uy_p5Es7gA5M1q_CTc5PGb4i9Ga-CMz_7fiFC7olmR0CxK3NdGY5xJentZeGnRK7nvyF7LFVYVay_uSEPdzTg
x-cache: MISS, HIT
fastly-io-info: ifsz=1117683 idim=2000x1333 ifmt=jpeg ofsz=13760 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 13760
x-served-by: cache-bwi5126-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.012756,VS0,VE1
etag: "JDkKPY7aaJobNu5i+Qpqdsu+EEvCsw8h6G7vQesJL/Q"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 13 May 2021 14:55:14 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 d2428df2-2942-4a01-9cb0-02e71104d1bb.json Show response
cdn.cookielaw.org/consent/d2428df2-2942-4a01-9cb0-02e71104d1bb/ 3 KB
2 KB 28ms
12ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d2428df2-2942-4a01-9cb0-02e71104d1bb/d2428df2-2942-4a01-9cb0-02e71104d1bb.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1eb1c45b6ebab0c39f0d0e9e2444121ed4c7f77515d6e0c6f4ebdab4743a3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3dCBPqSV20ACOaDhB/KeFA==
age: 5499
vary: Accept-Encoding
content-length: 1363
cf-request-id: 0a098364c6000005f5332c8000000001
x-ms-lease-status: unlocked
last-modified: Fri, 12 Feb 2021 14:13:53 GMT
server: cloudflare
etag: 0x8D8CF606DCCF3D0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 018bebef-f01e-0165-51ff-372fee000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64ef6e813b3b05f5-FRA

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
224 B 21ms
20ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 64ef6e813f993248-FRA
cf-request-id: 0a098364c6000032488d9a9000000001

GET
H2 200 webcomponents-loader.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 4 KB
2 KB 30ms
28ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-loader.js

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
age: 78927
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1524
x-served-by: cache-bwi5144-BWI, cache-hhn4022-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.933920,VS0,VE1
etag: "596ad3dc06dfb78ecdc6bcee1d653f04"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polyfill.js
cdn.polyfill.io/v2/ 505 B
360 B 8ms
6ms Other
text/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=default,fetch,Array.prototype.find,IntersectionObserver,IntersectionObserverEntry,Intl,Intl.~locale.en-US

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7fbf2d6d7c216dc02e3ce82f157524b829a377018648ccb14cc994ab2242307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2482434
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 258
referrer-policy: origin-when-cross-origin
last-modified: Wed, 14 Apr 2021 07:25:02 GMT
date: Thu, 13 May 2021 22:47:58 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 UnifySans_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 17 KB
18 KB 63ms
35ms Font
binary/octet-stream 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_SBd.woff2

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://eu.telegram.com
Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 63427
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17876
x-served-by: cache-bwi5121-BWI, cache-hhn4068-HHN
server: AmazonS3
x-timer: S1620946079.958864,VS0,VE1
etag: "eec61fc37ea7dff16e6503e33ab66949"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/telegram/logos-and-branding/ 7 KB
3 KB 71ms
69ms Image
image/svg+xml 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/gannett-web/properties/telegram/logos-and-branding/logo-default.svg
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2cf7f701a2a6d97b70e05ca4613ec5fda746d0b9483bfc1f1a2874f885bc4876

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=X6LOaA==, md5=y2aakuij7Nqcj+AudKt1og==
date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 652641
x-amz-meta-goog-reserved-file-mtime: 1602791417
x-guploader-uploadid: ABg5-UzDizqo_MGbljBAspkZNJcSzKWo8F5mRb5jnhDYjAMFcC0bntFcBCXt9FYzWy8lo_22L2CXL2MPsznzzKzSjjH84Urb4Q
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 2506
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5121-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
last-modified: Thu, 15 Oct 2020 19:51:14 GMT
server: UploadServer
x-timer: S1620946079.012728,VS0,VE1
etag: "cb669a92e8a3ecda9c8fe02e74ab75a2"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Thu, 06 May 2021 09:30:38 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.12.0/ 361 KB
80 KB 13ms
13ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Aib4Vlvkay7u77hQspwwDQ==
age: 4499537
vary: Accept-Encoding
content-length: 81328
cf-request-id: 0a098364e700001e4714813000000001
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:09 GMT
server: cloudflare
etag: 0x8D8BD11958F56CC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 151a2263-901e-013a-775d-1fdd10000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64ef6e817e031e47-FRA
expires: Fri, 21 May 2021 22:47:58 GMT

GET
H2 200 UnifySans_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 16 KB
16 KB 64ms
64ms Font
binary/octet-stream 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Rg.woff2

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://eu.telegram.com
Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 68756
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 16620
x-served-by: cache-bwi5133-BWI, cache-hhn4068-HHN
server: AmazonS3
x-timer: S1620946079.969162,VS0,VE0
etag: "3813aba0274244941c060a0cba29c5a2"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 395

GET
H2 200 UnifySans_W_Bd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 18 KB
18 KB 64ms
64ms Font
binary/octet-stream 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Bd.woff2

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://eu.telegram.com
Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 69067
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17984
x-served-by: cache-bwi5124-BWI, cache-hhn4068-HHN
server: AmazonS3
x-timer: S1620946079.969252,VS0,VE1
etag: "79f7fee52a3077ef23d7fb327d25836a"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 UnifySerif_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 20 KB
20 KB 64ms
64ms Font
binary/octet-stream 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySerif_W_Rg.woff2

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a960c7b4dd3b532e4c31e866e1236bed2ab577a91ed4d2bd255feb0d18631572

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://eu.telegram.com
Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 69067
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 20664
x-served-by: cache-bwi5137-BWI, cache-hhn4068-HHN
server: AmazonS3
x-timer: S1620946079.969799,VS0,VE1
etag: "b7f3cbc37e81dca80a0ddc3a6da81245"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 webcomponents-hi.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 11 KB
4 KB 29ms
29ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 670031
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3650
x-served-by: cache-bwi5121-BWI, cache-hhn4022-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.034609,VS0,VE1
etag: "2e02d950c1c199919a375acfd1fbc108"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 partner.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 66 KB
15 KB 38ms
37ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

989ddb1b96ee4dd0e5b65c9f00f23d8a56a1c482dc4d17ab67bae6d488eac238

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://eu.telegram.com
Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 69067
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 14873
x-served-by: cache-bwi5138-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.040605,VS0,VE1
etag: "daa66e733a9b33461d99def5a92f8029"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 utils.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 16 KB
5 KB 37ms
36ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6be084013be9114131db05e43e8a6875b2eaff5b66139814b6ca572b6170e5d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Origin: https://eu.telegram.com
Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4540
x-served-by: cache-bwi5132-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.040597,VS0,VE1
etag: "d84466c34486fbc3558ab4c97ecda859"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/d2428df2-2942-4a01-9cb0-02e71104d1bb/fdd301ae-f9ce-4d5e-8562-92679a53304d/ 71 KB
17 KB 11ms
11ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d2428df2-2942-4a01-9cb0-02e71104d1bb/fdd301ae-f9ce-4d5e-8562-92679a53304d/en.json

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f251f866f52c64233834785030ef712b46072003c990e139f316c0c5b2f21e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zGCw3BIJmR+Yy2ZPSLbzgw==
age: 1832
vary: Accept-Encoding
content-length: 17273
cf-request-id: 0a0983653a000005f5800b6000000001
x-ms-lease-status: unlocked
last-modified: Fri, 12 Feb 2021 14:14:34 GMT
server: cloudflare
etag: 0x8D8CF608615CD0A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 90b4164f-b01e-0044-2d1c-35048a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64ef6e81fc8205f5-FRA

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 244 KB
34 KB 12ms
10ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f7d307d115fda11ddf7f4a0fc8d76041a271bffafc82a91704fbab45f2f5122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WjN0eFH/P2muG++a8ux8lA==
age: 5085
vary: Accept-Encoding
content-length: 34429
cf-request-id: 0a0983653c000005f565b33000000001
x-ms-lease-status: unlocked
last-modified: Thu, 13 May 2021 14:04:29 GMT
server: cloudflare
etag: 0x8D9161806C6F898
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b9adfead-501e-004e-441c-481d03000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64ef6e81fc8605f5-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.12.0/ 67 KB
15 KB 19ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zuNs8AMhreqmYWNqqh//eQ==
age: 4499538
vary: Accept-Encoding
content-length: 14815
cf-request-id: 0a0983653d00001e4723bf1000000001
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:08 GMT
server: cloudflare
etag: 0x8D8BD1194CBE1FA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6877c494-601e-006f-045d-1f7032000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64ef6e81feae1e47-FRA
expires: Fri, 21 May 2021 22:47:59 GMT

GET
H2 200 universal.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/ 25 KB
6 KB 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/universal.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

412d225480e1d94394ffc47ef625f253babd2fdd7a75c687989965fa64895bed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 5502
x-served-by: cache-bwi5146-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.073363,VS0,VE1
etag: "072e0ac3d5309e6b58d8c9490242f992"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polymer.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/ 1 KB
690 B 35ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/polymer.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c3f29b93d961e02766afc79e1fc7e7bf8510ec831d77aabff63e87aea18d8d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 566
x-served-by: cache-bwi5128-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.073768,VS0,VE1
etag: "59e5636d674dc205ed0f95606d4ad938"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.12.0/assets/ 13 KB
3 KB 12ms
11ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/otFlat.json

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: IpszPceh6jWRl6sjS0PrYA==
age: 2016714
vary: Accept-Encoding
content-length: 3212
cf-request-id: 0a098365d1000005f59dbf8000000001
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:01 GMT
server: cloudflare
etag: 0x8D8BD1190DD964B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 14ba5339-701e-003f-4cf2-356f3a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64ef6e82edda05f5-FRA
expires: Fri, 21 May 2021 22:47:59 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.12.0/assets/v2/ 46 KB
11 KB 12ms
12ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/v2/otPcCenter.json

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c000e4544bfb7ad85dd61fac0a167d1b3f4ca26213b90ba28be37edb4626bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Qb6/5BVpgsZnJ0A7TzZC1g==
age: 1911845
vary: Accept-Encoding
content-length: 11343
cf-request-id: 0a098365d1000005f59b9b1000000001
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jan 2021 07:04:03 GMT
server: cloudflare
etag: 0x8D8BD1192422474
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bd2bc938-701e-015d-29e6-366eb7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 64ef6e82edde05f5-FRA
expires: Fri, 21 May 2021 22:47:59 GMT

GET
H2 200 custom-style.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 5 KB
2 KB 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/custom-style.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86943b08e849ab5a8a7357e576b8fedc6ade44e01a5a1bff8d2e110dddd64c06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 66557
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2149
x-served-by: cache-bwi5130-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.227351,VS0,VE1
etag: "fcbc04a6dd50b1732b8fc9eb59e7a0af"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 legacy-element-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 37 KB
10 KB 37ms
36ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/legacy-element-mixin.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7a8d0a1512a5ecd047a3a9fbb1bdc116de8f6676d580edd9e57867c6fa9bc1bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 9579
x-served-by: cache-bwi5121-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.229222,VS0,VE1
etag: "e182a618aa069c09654ed09ef890b38f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polymer-fn.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 2 KB
888 B 42ms
42ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/polymer-fn.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a17ed2829e19ecd0a8c2cbb9a3bb66cc12e110ad475b53256f02f65f152019b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 69067
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 788
x-served-by: cache-bwi5137-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.232177,VS0,VE1
etag: "f69a78f7e6b1f490c8a66bdfeed9b755"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 templatizer-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 6 KB
2 KB 39ms
39ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/templatizer-behavior.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63ebd809b2988be498b87eadffc18b32f301c477d58128e508b7268e1df4b105

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2150
x-served-by: cache-bwi5139-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.232162,VS0,VE1
etag: "5108bed49f7d2059e843190568827c78"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dom-bind.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 6 KB
2 KB 38ms
38ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-bind.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ce6e59de59ccc4e45c4798434e1e3885a91f5e7b9d916b5085ba91ea27c29d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2102
x-served-by: cache-bwi5140-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.232155,VS0,VE0
etag: "b4a48e966b782a29f9eb97504fbd2534"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 2

GET
H2 200 dom-repeat.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 26 KB
8 KB 41ms
41ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-repeat.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5680984cafd03b7ffac79009300c94b135354bd7741d6ebd8e13f010be38c50a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 8310
x-served-by: cache-bwi5128-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.232136,VS0,VE1
etag: "637b0dc7b05af8208e9feec11b1820b8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dom-if.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 10 KB
4 KB 40ms
39ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-if.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20860cd85b16709e5f98332ecf82297b784da87651bb872006c151501f972cb9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3950
x-served-by: cache-bwi5137-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.232136,VS0,VE1
etag: "af73511b80cee1662a0de4cc9dff63d1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 array-selector.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 14 KB
4 KB 42ms
38ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/array-selector.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c6ef5e48cceec44d94a408d376f8bb62956d8aa5b50cc0b26adf78ad1cbfaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 69038
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3976
x-served-by: cache-bwi5128-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.234867,VS0,VE1
etag: "a1595b639d74f3050eb026b41a74091a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 mutable-data-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 7 KB
2 KB 40ms
39ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/mutable-data-behavior.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32ef7b2c958df422a41169feb6e0dc8a6a149c94957f148ac1f522683bb1522a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1897
x-served-by: cache-bwi5141-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.234842,VS0,VE1
etag: "196d340215322974470d1fa62c847bad"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 html-tag.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 5 KB
2 KB 39ms
39ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/html-tag.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46ea8464d2c3f35b1f5031bf2a9c0e422eaf4e0d45faa9dc5e03f465a6a8c486

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1878
x-served-by: cache-bwi5144-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.234905,VS0,VE1
etag: "80e4a3f100498961955505681bfd17b9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 95ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

afb5848f2f6b1a5d34f0d7a9455fb17f7cde8d2870d829e93d7b835b04e1b3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "871 / 370 of 1000 / last-modified: 1620943824"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21312
x-xss-protection: 0
expires: Thu, 13 May 2021 22:47:59 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid_v3l/ 6 KB
3 KB 90ms
28ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid_v3l/config.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f7eedd0a1e304d0923e897477fe2b3e145cc985c9461faf1dba3b78547c1a15

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:47:59 GMT
Content-Encoding: gzip
Age: 369
X-Cache: HIT
Connection: keep-alive
Content-Length: 2056
x-amz-id-2: VGzT8dmcgkLYpgUsLOiDOsaTOgmPzif1QoAz3BdaJsW0jdAMudYHB8QlyWDGwa9S8RdMZ+zf1aY=
X-Served-By: cache-hhn4062-HHN
Last-Modified: Thu, 13 May 2021 22:33:42 GMT
Server: AmazonS3
X-Timer: S1620946079.339270,VS0,VE0
ETag: "edc0067fb0b8c95d2cf03d2925af77aa"
x-amz-request-id: 6MRY90KN95FABTYF
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 4

GET
H2 200 adx Show response
securepubads.g.doubleclick.net/gampad/ 0
612 B 120ms
61ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/adx?iu=%2F7103%2Fswg%2Fpts_ma-worcester-C6718&sz=1x1&ref=&cookie=null&c=159687827101560&tile=1&u_tz=120&gdpr=1&gdpr_consent=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pbjsandwich.min.js Show response
www.gannett-cdn.com/partner/vendor/ 341 KB
108 KB 29ms
29ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5839b4112fcb5315e1942f1fa82478db1f7e3111ed9716175fc51ad8e2fcd3d3

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=up1bJA==, md5=t2MNXg+X5Xhjm5V52ikphA==
date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1178459
x-guploader-uploadid: ABg5-UzLlWFVmcIom9HXecjW75p6uXSUKcl07bOe3VQybwd356X74AfTwVZPva0G4QWYAs6RQHIa2JdH-JRd_MHSPfo
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 110534
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5122-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
last-modified: Mon, 21 Sep 2020 20:58:55 GMT
server: UploadServer
x-timer: S1620946079.281094,VS0,VE0
etag: "b7630d5e0f97e578639b9579da292984"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 30 Apr 2021 07:26:59 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 132

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 126 KB
33 KB 106ms
40ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 05:09:09 GMT
content-encoding: gzip
server: Server
age: 63529
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id: xvciMGgUESojfu4KuvIMame--MiHj_KTI67HGiyripPMs3LCISvAKw==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 100ms
33ms Script
application/javascript 13.224.95.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 08 May 2021 23:57:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 427837
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: _Yqd8vX1hQbpR28DgZvuMjo6Wg-vublWR1y56L1Jm3isYlkYkiR7qw==

GET
H/1.1 200
OK 184808-89514051626416.js Show response
js-sec.indexww.com/ht/p/ 102 KB
29 KB 633ms
583ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184808-89514051626416.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c3118dd705f1a0aef5e04d78f05aeb2be98a17f26b26179289fc5d0d3c725844

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:47:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 May 2021 22:44:40 GMT
Server: Apache
ETag: "763c96-19678-5c23ddf610d99"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 29692
Expires: Thu, 13 May 2021 23:47:59 GMT

GET
H2 200 10 Show response
api.gannett-cdn.com/thorium/popular/NTEG/ 2 KB
873 B 37ms
35ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/popular/NTEG/10?apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz&searchtype=socialReferrals

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

558a8f776eb6af4965895a386f659079feda01b20ea29a0a935969411c57eafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3814
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 735
x-served-by: cache-bwi5056-BWI, cache-bwi5124-BWI, cache-hhn4068-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Thu, 13 May 2021 22:47:59 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1620946079.288558,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 1, 1

GET
H2 200 / Show response
api.gannett-cdn.com/argon/navigation/1001378/top_nav_primary/ 4 KB
1 KB 36ms
35ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/argon/navigation/1001378/top_nav_primary/?apiKey=f6YYPA1hPnB9Y9chky5GOmrZKmaguLVh

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

4e5cfd5343348acc22a6111cbe7f4f8d2bcddae455d30649faf68f1605a466ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3814
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 949
x-served-by: cache-bwi5053-BWI, cache-bwi5141-BWI, cache-hhn4068-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Thu, 13 May 2021 22:47:59 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1620946079.288622,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 1, 1

GET
H2 200 10 Show response
api.gannett-cdn.com/thorium/popular/NTEG/ 16 KB
3 KB 36ms
35ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/popular/NTEG/10?assettype=video&searchtype=pageViews&ssts=home&apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

2029aa5c6464fe2071a1be59da13516578833131c559d82e033edc33dcc3432f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 6877
x-cache: MISS, MISS, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 2939
x-served-by: cache-bwi5027-BWI, cache-bwi5130-BWI, cache-hhn4068-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Thu, 13 May 2021 22:47:59 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1620946079.297927,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 0, 1

GET
H2 200 10 Show response
api.gannett-cdn.com/thorium/popular/NTEG/ 15 KB
3 KB 36ms
35ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/popular/NTEG/10?assettype=gallery&searchtype=pageViews&ssts=home&apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

e891ecf43a7a45a273853e86332f5d310f5fa147daf9002a531e44cbe8fcdc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 694
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 2527
x-served-by: cache-bwi5063-BWI, cache-bwi5132-BWI, cache-hhn4068-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Thu, 13 May 2021 22:47:59 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1620946079.298342,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 1, 1

GET
H2 200 5 Show response
api.gannett-cdn.com/thorium/popular/NTEG/ 2 KB
848 B 36ms
35ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/popular/NTEG/5?searchtype=pageViews&ssts=home&apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

558a8f776eb6af4965895a386f659079feda01b20ea29a0a935969411c57eafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3283
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 735
x-served-by: cache-bwi5064-BWI, cache-bwi5138-BWI, cache-hhn4068-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Thu, 13 May 2021 22:47:59 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1620946079.298617,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 1, 1

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ 125 KB
34 KB 30ms
30ms Script
application/javascript 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/section.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f034dfd4e6db927b3161c63b49ff89b4f4b8c4e72359c600f5f788488ea4ce61

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=xXxbkw==, md5=5V5DKa/H1NVZTjE65xSHog==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 80
x-amz-meta-goog-reserved-file-mtime: 1620862539
x-guploader-uploadid: ABg5-UwOOnWCLTOF8iJBtQ6DucegojF5g6M11OmlYJdmwqsKWIOEXWFiGRAjs6lezu0hqSAXJpPOfk23I9gxEtVbUm8
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-encoding: br
content-length: 34066
x-served-by: cache-bwi5177-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
last-modified: Wed, 12 May 2021 23:35:58 GMT
server: UploadServer
x-timer: S1620946079.307144,VS0,VE1
etag: "e55e4329afc7d4d5594e313ae71487a2"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 13 May 2021 20:01:35 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H/1.1 200
OK contest_promos_telegramcom.json Show response
gh-static-resources.s3.amazonaws.com/custom-systems/upick/json/ 2 KB
3 KB 636ms
189ms Fetch
application/json 52.216.138.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gh-static-resources.s3.amazonaws.com/custom-systems/upick/json/contest_promos_telegramcom.json
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d12920e19b130dbbc6027be52dd847e66715b88ca2fa88fdf268845a1e0779f0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:00 GMT
Last-Modified: Thu, 13 May 2021 22:45:59 GMT
Server: AmazonS3
x-amz-request-id: QCVEWS4MTCPHYS2Z
ETag: "e3180ecab1ed75ab20ada892f80056f8"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: QuLnts3VLXVeOC1jyxQ74IUKzqFarTdP
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Type: application/json
Content-Length: 2407
x-amz-id-2: QlbuJLmf/6OnGFOT/U+jjlAdPgcT7HD9Np8nA9lun2TaWQ80ceg50XBb1SRsF8GZ8jTXcAHWFgw=

GET
H2 200 / Show response
api.gannett-cdn.com/thorium/breaking-news/ 56 B
223 B 34ms
34ms Fetch
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/breaking-news/?apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz&site-code=NTEG

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

380b59b697189c5e5b22599a8b6ea78be45273dbde8236887d7c140aa11a0ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 316
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 65
x-served-by: cache-bwi5034-BWI, cache-bwi5140-BWI, cache-hhn4068-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-eaabe69925375331cb93a11e0461ed2d
date: Thu, 13 May 2021 22:47:59 GMT
vary: accept-encoding,Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
x-timer: S1620946079.318331,VS0,VE1
fam-ttl: 300.000
x-cache-hits: 0, 1, 1

GET
H2 200 / Show response
user.telegram.com/NTEG-GUP/user/ 626 B
1 KB 290ms
198ms Fetch
application/json 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://user.telegram.com/NTEG-GUP/user/

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d29bd1e5200b98655e689f7fe4c415ebb8699b9539944a0955810de7c7e482d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	DENY

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
via: 1.1 varnish
vary: Origin
x-cache: MISS
x-cache-hits: 0
content-length: 626
x-served-by: cache-fra19179-FRA
server: nginx
date: Thu, 13 May 2021 22:47:59 GMT
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://eu.telegram.com
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 13 May 2021 22:47:59 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gannett-network/ 1015 KB
98 KB 90ms
30ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/section.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53b3692d60d35cf46cd40dee947ff04aaac0088e6b46d5bf9f5780f1d3fe60af

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cr0.kuQpFM_uiq.H7d7ERvdRK.vCyAKa
content-encoding: gzip
etag: "b318769aa4294d0177bde11c72da91fc"
age: 11
x-cache: HIT
content-length: 100274
x-amz-id-2: alP75Y3S7NWNvSlJXDu+hkxIlMR2z6RFz6yL2xbPnsX2q5z6eYiHW/9S9PsdqHbHK4mISQPeG0Q=
x-served-by: cache-hhn11572-HHN
last-modified: Thu, 06 May 2021 15:30:19 GMT
server: AmazonS3
x-timer: S1620946079.411907,VS0,VE1
date: Thu, 13 May 2021 22:47:59 GMT
vary: Accept-Encoding
x-amz-request-id: B8JYKZYMHPGR7HE9
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 36
x-cache-hits: 1

GET
H2 200 fallback1x.png
www.gannett-cdn.com/ads/adsolutions/contests/ 11 KB
12 KB 29ms
29ms Image
image/png 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/ads/adsolutions/contests/fallback1x.png?width=135&quality=50
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 84eee881362d0bf7b2e071a2731c03570113b5acd5aaab999a0470bfee6c3801

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=WzloHg==, md5=WnjNYW4AZ0W8KEhg9HSrJg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2460525
x-guploader-uploadid: ABg5-UzfzYBseNopBzvMg5dp6XyngC2QQyJCDjAU7_RNm34uUF-279bnGwehCLp-PYdabK1pFN0IdZKybRBbbFHUywo
x-cache: HIT, HIT
fastly-io-info: ifsz=28354 idim=420x420 ifmt=png ofsz=11455 odim=135x135 ofmt=png
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 11455
x-served-by: cache-bwi5177-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946079.374465,VS0,VE1
etag: "k/JVbeUYZTuBq4hqiUr0nZ6WPJdOQkJDecshJ+jUAc8"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/png
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:19:13 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 custom-style-interface.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 567 B
673 B 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/custom-style-interface.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7427f226caa0100b63c9e234e09acb809896a493126bc9847fc5331f80c7dcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 326
x-served-by: cache-bwi5127-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.381389,VS0,VE1
etag: "ceb0842ff6c53d8d13d6cf2345f41490"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 style-gather.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 9 KB
3 KB 35ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/style-gather.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba7ee0f420d8ea6e8751036a7a6693404676c9e63d66e6eaa2dd352f46d9883f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2463
x-served-by: cache-bwi5128-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.381580,VS0,VE1
etag: "69dbd531aa8cfa3ce4d98be353c255b9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 apply-shim.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 555 B
444 B 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/apply-shim.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5411a7ffd764c2db252c2f5d464c5adefef40b9338ee46f2b3a3e43ac61db48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 320
x-served-by: cache-bwi5141-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.384858,VS0,VE1
etag: "75f54922d2507d0c43bdf946149c38b1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 element-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 31 KB
9 KB 37ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/element-mixin.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e136ab2c75ae90f9338087e38c15ad5b2d67e883b5e0647f11b71a10a43713c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 9312
x-served-by: cache-bwi5127-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.386600,VS0,VE1
etag: "06d1ac177cb051cec8015d7380f651e1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 gesture-event-listeners.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 5 KB
2 KB 37ms
36ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/gesture-event-listeners.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2feaea79bf8d0b941dac8dd4508347b6cf19278096180a308f56eaa040235759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1652
x-served-by: cache-bwi5126-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.386597,VS0,VE1
etag: "81aec249ab16ecd66d87185d1af24db5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dir-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 7 KB
3 KB 37ms
36ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/dir-mixin.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5efaa2ccf201122813b7fce67ad176f86437b34b57425cd55375fda10e52daed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2583
x-served-by: cache-bwi5127-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.387118,VS0,VE1
etag: "7b05eec04633200f3f7f2fd916cc3886"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
1 KB 37ms
36ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/mixin.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86fbce59e4f7ec7e30dcea5f3a591c731b2f25988103299857293e45d4be53a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 72194
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1003
x-served-by: cache-bwi5148-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.387069,VS0,VE1
etag: "6a6416522b85e5f0febd7a1dde74b24a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 import-href.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
2 KB 38ms
37ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/import-href.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f07dc3bb776dedc5385377c3b7cd96499a67a41aed91ff11d3a03571daf94a06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 65374
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1503
x-served-by: cache-bwi5123-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.387319,VS0,VE1
etag: "b683689a8b2889b362fe6bd8e688d820"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 render-status.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 37ms
36ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/render-status.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b048e87cf82ab73e27b97c3cc5a1568c90089086960978b2a397b0d1408f884e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 65374
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1242
x-served-by: cache-bwi5122-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.387291,VS0,VE1
etag: "ceba86ff1e6d164821527d112d1893ee"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 unresolved.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 867 B
686 B 38ms
38ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/unresolved.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7dc8b0d0933d7837b3df7d28197f4d2f502b06638ea3bbb1bd7e1ec94cafa9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 81026
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 465
x-served-by: cache-bwi5128-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.387376,VS0,VE1
etag: "39488a6f062edf87128458154f8d385d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polymer.dom.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 11 KB
4 KB 37ms
37ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/polymer.dom.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

962017c869448ba8bbb8827cc9262ebd51a03b5ac9957aaba7725f79ebf8d056

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29484
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3648
x-served-by: cache-bwi5145-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.387421,VS0,VE1
etag: "5c6f8ed3d9de31616650d0749dd15004"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 boot.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 37ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/boot.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b7a86a7ce0392af890ca11fe6f7ee5746b975cb98204a39ec8cd43d817c389e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1030
x-served-by: cache-bwi5125-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.390263,VS0,VE1
etag: "3baffbfb6ca8cfe5930d91fcb388b077"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 property-effects.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 99 KB
25 KB 38ms
37ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/property-effects.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c42a7bb6bab2526b60a115423a6c41f003b75705e84b0ae24910d7d0b162c41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70938
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 25739
x-served-by: cache-bwi5125-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.390256,VS0,VE1
etag: "450f1e748a1b9f8db370847325ef559d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 mutable-data.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 10 KB
3 KB 38ms
38ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/mutable-data.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e17ef9c7a2b314b65694fcd9975dcc8172f7ead620f5b17441f8f393d69911c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2938
x-served-by: cache-bwi5135-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.390253,VS0,VE1
etag: "05940a4653c18c7be3a3ba99f347399f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 templatize.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 25 KB
8 KB 40ms
40ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/templatize.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9db75cf3965907df50e6208dd5ff4f447c8bd15d27c7ae6ae59919f5ef1b9251

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 1882471
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 7544
x-served-by: cache-bwi5126-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.391178,VS0,VE1
etag: "2be0b54f4f601653616444827efb1bd3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polymer-element.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/ 1 KB
906 B 39ms
39ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/polymer-element.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

75f26e45a5ecd0855668595b59282d650f87bcf6a3eecc078436df6e9ff0904a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 690
x-served-by: cache-bwi5147-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.392817,VS0,VE1
etag: "28a69955a42d52a754d86372a315c278"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 debounce.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 4 KB
2 KB 39ms
39ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/debounce.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

692ae4751ee9cf34c8a76a91f1d8df47bf098da4b9b2fb10e9181d9cf4dc81f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1639
x-served-by: cache-bwi5151-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.393222,VS0,VE1
etag: "cf0a53fd3761cf764a0fc5fbc8e63ce3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 flush.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
851 B 39ms
39ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/flush.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

812761fecf21584ca20e6872a0fce8719749192b09f8d99f20d7628c24861447

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 65374
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 723
x-served-by: cache-bwi5136-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.393564,VS0,VE1
etag: "e006b92de5a57141c12c7391366b1f80"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 class.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 19 KB
6 KB 38ms
38ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/class.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6177996af84c4e9e810c240e4f7fb1efa82ba95862fa36b3aae360e0568cecca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70939
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 6083
x-served-by: cache-bwi5135-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.395302,VS0,VE1
etag: "d81a318152a45625200636de2f23065e"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 array-splice.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 8 KB
3 KB 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/array-splice.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bcf610c3f2222699d45638201a33934e6a07f37ea5effeb32add9ea6974b3e5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29483
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2909
x-served-by: cache-bwi5136-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.400395,VS0,VE1
etag: "938a97f298390ce029cece727c84d823"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 resolve-url.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 35ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/resolve-url.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50b151128e92bf38325fab38896be2f5c6c78d557e10e649bb764dad42188e75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29483
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1295
x-served-by: cache-bwi5129-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.480427,VS0,VE1
etag: "75c1476d2c704094aa9e0a2ad4fb8e1f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 settings.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 4 KB
2 KB 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/settings.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0e432fe6c86105fd5d8d07877aab0ca1cac7559abe56ea3ef28e3d3b328f6ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70938
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1503
x-served-by: cache-bwi5120-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.484103,VS0,VE1
etag: "15942810acd52ae2b0eb80847a8f5471"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dom-module.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 7 KB
3 KB 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-module.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32bbc893217eed1f27f02a5f6800e4b6153bfc8d71abb73af9ffcbb53f0307df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29483
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2659
x-served-by: cache-bwi5151-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.484402,VS0,VE1
etag: "650e85c88657ad6543f5c6878e2a79fc"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 properties-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 10 KB
3 KB 35ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/properties-mixin.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e09640705202c275bf9e6e88c9ad5e83a989bd3868721d643f1932bd4875750a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70938
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3113
x-served-by: cache-bwi5147-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.484500,VS0,VE1
etag: "a6fa00d9cf48430838a3e13e02b2b3b8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 gestures.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 27 KB
8 KB 35ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/gestures.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a29a29f34ab64d13ec7d58ccaa268bb7fa78352a9882152d77c4e564af4802ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70938
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 7889
x-served-by: cache-bwi5150-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.487039,VS0,VE1
etag: "ab9b79dd0eccf903828ccc487b6b1c05"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 property-accessors.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 13 KB
4 KB 36ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/property-accessors.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

59aba2008cdd8c0a3a24fef082e01c1cacdcc6cadd939396166eab475c1e925d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29483
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4317
x-served-by: cache-bwi5151-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.488160,VS0,VE1
etag: "f784aae56fbe41ef5c3cafca76aaf990"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 flattened-nodes-observer.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 10 KB
3 KB 35ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/flattened-nodes-observer.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4dc4fff9aab3a93f787c41e65e7f42e3ce5412f919efd59335d4cd68a30b6561

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29483
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2997
x-served-by: cache-bwi5128-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.491000,VS0,VE1
etag: "33a1eb7852b67088b2381b83208022e4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 async.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 6 KB
2 KB 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/async.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1e93d1966552e0ec57b358850e3a1bbd4ee91eaf77ecbc665d634fa78cd99f0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29483
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1666
x-served-by: cache-bwi5121-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946079.499195,VS0,VE1
etag: "a132e7f672cffc216d420d202cf26b14"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 7a125fbc-5b66-40ed-98e2-807ea6a2e2dc-LOC_Brimfield_Fair__16.JPG
www.gannett-cdn.com/presto/2021/05/12/NTEG/ 75 KB
76 KB 33ms
31ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/12/NTEG/7a125fbc-5b66-40ed-98e2-807ea6a2e2dc-LOC_Brimfield_Fair__16.JPG?crop=1799,1012,x0,y114&width=896&quality=50
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5036782172457e8aea4a21d726072749533ac2bca60c2597863fbbea1ac86060

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=OFsdOA==, md5=+xnQBsn2lPYW5sUUetdxtg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 94390
x-guploader-uploadid: ABg5-UwXWskoUtV-eD-aMUOO46yWtLleNiRwNlbulJKLcKMsfUykoXOXJtZ5iR08SofMINW30sE-Nheq2rxywB35R4U
x-cache: HIT, HIT
fastly-io-info: ifsz=2122814 idim=1800x1144 ifmt=jpeg ofsz=76977 odim=896x504 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 76977
x-served-by: cache-bwi5175-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.518952,VS0,VE1
etag: "UhjD1h3GTxfTRL8aagkMIK4A/JViZxLcWCzFvJLPZPY"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 May 2021 20:34:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 46f34110-d25d-490a-93da-e9409c2d4cfe-LOC_OpeningDayAG_6.jpg
www.gannett-cdn.com/presto/2021/05/11/NTEG/ 10 KB
10 KB 33ms
31ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/11/NTEG/46f34110-d25d-490a-93da-e9409c2d4cfe-LOC_OpeningDayAG_6.jpg?crop=1999,1125,x0,y113&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b44e51d6f9ccc82ba48c2a5432d445457bc3b6dff41febb0260354e29b6fd124

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=wsfqYg==, md5=LU9wPqdtTTXSFOC0IHO/6w==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 171940
x-guploader-uploadid: ABg5-Uwkq1o462DK3YCnMGUteEMmkzE9a0QexZoc-iEQlBRkWlOqGxMWPmvrJUAJZ7MnN6_jS42HpdcET5ebaRb0V0Q
x-cache: HIT, HIT
fastly-io-info: ifsz=1576947 idim=2000x1357 ifmt=jpeg ofsz=9779 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 9779
x-served-by: cache-bwi5130-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.518900,VS0,VE1
etag: "YpJ7Ek1RyCCFUHpUR0LayJZOihHXxoDQObU0R2nVaTw"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 May 2021 23:02:18 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 5a4d20c7-c1f1-4d1f-9a7d-16e9d0c7036e-LOC_OpeningDayAG_10.jpg
www.gannett-cdn.com/presto/2021/05/11/NTEG/ 11 KB
11 KB 41ms
39ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/11/NTEG/5a4d20c7-c1f1-4d1f-9a7d-16e9d0c7036e-LOC_OpeningDayAG_10.jpg?crop=1999,1125,x0,y149&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1e1c2e6df56090ab890e3d9578f6fbd55551ea0a52442105d92c9d6b545bc0f3

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yJdUhg==, md5=rAYFz8tW4r4RTMov4d7Hnw==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 171939
x-guploader-uploadid: ABg5-Uz6ELMUIwroKubxE9jythmIrJWSMWsBBf4tIiFhj-m-d3NIsC228jwi-bgjPNma28fHc8lFiNw5l-Fvrcgk4F-YfKZN1g
x-cache: HIT, HIT
fastly-io-info: ifsz=1669389 idim=2000x1429 ifmt=jpeg ofsz=10779 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 10779
x-served-by: cache-bwi5146-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.521674,VS0,VE1
etag: "bVx+0kdXKltWmpzW/9+Zg+Zdn4PKdcHkD/IQXaAsqLg"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 May 2021 23:02:19 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 4a175b76-d570-460b-86cb-ec424754bff5-SPT_WooSox_54_69.jpg
www.gannett-cdn.com/presto/2021/05/05/NTEG/ 8 KB
8 KB 39ms
37ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/05/NTEG/4a175b76-d570-460b-86cb-ec424754bff5-SPT_WooSox_54_69.jpg?crop=1999,1125,x0,y149&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7048a70a2561fba8958052325f67c88672bea2e6549d475d9d07d57922851026

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KBBHdQ==, md5=NPXGL+EotaZ1cpjqVAatNw==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 650935
x-guploader-uploadid: ABg5-UxvsDuE_CPzRyjWDSprTor9fivYqQHd3UEb_SCJfvObK0yUrbJ_mTEJjioL6m-5eEft3J0UFvat4C7JirdSaqK41v2BLA
x-cache: HIT, HIT
fastly-io-info: ifsz=1523044 idim=2000x1429 ifmt=jpeg ofsz=8230 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 8230
x-served-by: cache-bwi5168-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.521655,VS0,VE1
etag: "FKt36O29ljlGoH6Ont6iY4eVUOETvpLu47mle5OSDp0"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 May 2021 09:59:04 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 70efc48e-fee7-4479-86a5-dac0145e4932-LOC_Leicester_police_1.JPG
www.gannett-cdn.com/presto/2021/05/09/NTEG/ 12 KB
13 KB 39ms
38ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/09/NTEG/70efc48e-fee7-4479-86a5-dac0145e4932-LOC_Leicester_police_1.JPG?crop=2399,1350,x0,y122&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 35320aa29e4bc2eee21e8310b16b43068c0a7b6beab6584989ec39b42f7bff10

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=5NsbwQ==, md5=VwAXGBY48i/Z5pqS48Y6eA==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 361612
x-guploader-uploadid: ABg5-UzbqHPmXV8J86MWVzBYrDDg7JETifBD1AETpASKurF_f1jgU-Q2T21vnYO_2fOKNZDK6t6_DtQ4C59Rxu9qKIaAWD-4YQ
x-cache: HIT, HIT
fastly-io-info: ifsz=2205229 idim=2400x1600 ifmt=jpeg ofsz=12787 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 12787
x-served-by: cache-bwi5159-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.521643,VS0,VE1
etag: "7jpN35sxIwvBCCNU7GketIVRQ7Pc5j1OJvT/iPK2zkM"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 09 May 2021 18:21:06 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 2ab4ddd7-8da5-47f5-aff2-27960e011c9a-LOC_Leicester_police_4.JPG
www.gannett-cdn.com/presto/2021/05/09/NTEG/ 12 KB
12 KB 41ms
40ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/09/NTEG/2ab4ddd7-8da5-47f5-aff2-27960e011c9a-LOC_Leicester_police_4.JPG?crop=2399,1350,x0,y96&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 29e04c948e0455803f87b6e1ca9516e4976368e8ad05ff16c31db762a6f06a4f

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=b5YNQw==, md5=ooO4IYOv+BPSqDuMbzk0kw==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 361609
x-guploader-uploadid: ABg5-UwpZp5ZfSjOJ4nBNAzP9GGS-QIkDPhRaBGLfPJlOy2AUy4ka9bxnpr780eyTi6_STMA_RMGPC9VnAZiYAC2NKJ4Q-aXmw
x-cache: MISS, HIT
fastly-io-info: ifsz=2682537 idim=2400x1549 ifmt=jpeg ofsz=12055 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 12055
x-served-by: cache-bwi5171-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.521638,VS0,VE1
etag: "JSNfBoxNI/Sure6fl4Peu03nn0oUihmCvozbOPMThRo"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 09 May 2021 18:21:10 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 f8d9581c-cc87-47d4-baf8-4a3875170dd2-0407DriveBillyMcMillon.jpg
www.gannett-cdn.com/presto/2021/02/05/NTEG/ 9 KB
9 KB 37ms
36ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/02/05/NTEG/f8d9581c-cc87-47d4-baf8-4a3875170dd2-0407DriveBillyMcMillon.jpg?crop=3442,1937,x0,y150&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6465f3dd2acc6f346fea9f64ef36e67d6afd00904256d0eaf1f9c1aae7f50c2f

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=WYF4vA==, md5=RKy8v2ValKUysJpC+E/A6Q==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 646141
x-guploader-uploadid: ABg5-UyvoHny8DbMzmIdsrxYhCX3RB-cS0K5mpARh_VAABdlD-cqIsEoIT2Ry5AC1qM0wUsDLToZo3p09QCxz1aPMQt4tbYlBg
x-cache: HIT, HIT
fastly-io-info: ifsz=1152768 idim=3443x3000 ifmt=jpeg ofsz=8922 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 8922
x-served-by: cache-bwi5125-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.521628,VS0,VE1
etag: "LBWHiCw0oY56/TclZSOji+FND0vHmQYp9PgHfdkjVwU"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 May 2021 11:18:58 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 51e502d1-7455-4250-89e4-f83e77321e6e-SPT_WooSox_54_65.jpg
www.gannett-cdn.com/presto/2021/05/05/NTEG/ 7 KB
8 KB 42ms
40ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/05/NTEG/51e502d1-7455-4250-89e4-f83e77321e6e-SPT_WooSox_54_65.jpg?crop=1999,1125,x0,y149&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: daf900b0d9166ef03d760110de12cbe13eb4eecf5f3f87e819a922b6fd376a63

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Zsu/Vw==, md5=Mbbor8wUCMPIFsjHXVrHfw==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 637483
x-guploader-uploadid: ABg5-UxUbYKRsiDmN6skPxGnSv1v5BurAdRq8qtr7RXS6ehpGkBggytyEtoK65NXaK5KTnMVhYEbBBY4jalY1gsgjS6tv6f58A
x-cache: HIT, HIT
fastly-io-info: ifsz=2416473 idim=2000x1429 ifmt=jpeg ofsz=7089 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 7089
x-served-by: cache-bwi5178-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.522151,VS0,VE1
etag: "YLzNYDRmZ2A3m7un0i1y1yWQ8Llb4oFUZNEYYC7BbU0"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 May 2021 13:43:15 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 028f0254-f3d8-4c59-8e8d-e6ca564d2665-USATSI_15657079_1.jpg
www.gannett-cdn.com/presto/2021/03/11/NTEG/ 6 KB
7 KB 40ms
38ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/03/11/NTEG/028f0254-f3d8-4c59-8e8d-e6ca564d2665-USATSI_15657079_1.jpg?crop=3018,1698,x0,y0&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bff41d9e02ab7c4066fe4d42af0f7ace7c1716c9a971744bcaa0707e22f02eed

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=gzqeAA==, md5=WsTJD6LgxDIhg/GKsgGmDw==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2175283
x-guploader-uploadid: ABg5-UwbXCBcjohuVCun79qhnXL9SRbjLb_aKJY1IM0PWSbxsKohp3nJF_8Jbpi22Dg1GPhUt75bPysj4sRaNVogQWeDE8rEqw
x-cache: HIT, HIT
fastly-io-info: ifsz=2006717 idim=3019x2019 ifmt=jpeg ofsz=6655 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 6655
x-served-by: cache-bwi5133-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.522131,VS0,VE1
etag: "nDS2quxz/SME1HoGUOsFSkGFCJeu/cH+uLl3SFsHGkk"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 18 Apr 2021 18:33:16 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 bca20095-c82c-4eb9-88fa-e45a0915a9a1-yatim.jpg
www.gannett-cdn.com/presto/2021/05/02/NTEG/ 6 KB
6 KB 42ms
40ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/02/NTEG/bca20095-c82c-4eb9-88fa-e45a0915a9a1-yatim.jpg?crop=8191,4608,x0,y0&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 69116f4eb740043cfa41f766af60af4e008c795e3c76db2a966310f159173bc5

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=MNVWpw==, md5=FzRHB4LqhkChPFEHEBVXWA==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 958084
x-guploader-uploadid: ABg5-UwQAc7LiTCbLC_Dm2G5BkELXkWxtJT_W3o8thyTMPzdloVEK1uiImaJeLcHsRgyBAZI-ituKMGaqOOibOOcgvZyUjerNQ
x-cache: MISS, HIT
fastly-io-info: ifsz=10260229 idim=8192x5464 ifmt=jpeg ofsz=5748 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 5748
x-served-by: cache-bwi5164-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.522619,VS0,VE1
etag: "Bs9vIZaI+iiUPYIUGw4/SZA0Hfw/nPy3p3OpPVgi92w"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 02 May 2021 20:39:55 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 df9742f9-ec20-42b1-b381-674c3c0f51ff-SPT_WooSox_512_22.jpg
www.gannett-cdn.com/presto/2021/05/13/NTEG/ 35 KB
36 KB 38ms
34ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/13/NTEG/df9742f9-ec20-42b1-b381-674c3c0f51ff-SPT_WooSox_512_22.jpg?crop=1999,1125,x0,y101&width=896&quality=50
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b5820a88a9d63b43954b224fd6c21f2bcf8a6c8e7e842073ce9f9dd72940bc44

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=V37TBg==, md5=SC93QVT4DnE3XmMRzzZ/ig==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 77191
x-guploader-uploadid: ABg5-UwTNVeC2p5CSnlmfK3e1tL0Zwiytk7-0SPaMMwQJk9fTlprU8uS2tJey8nm_AORR-GmZwxFbSibJDvETYCl3AGrqmmT3g
x-cache: HIT, HIT
fastly-io-info: ifsz=1690701 idim=2000x1333 ifmt=jpeg ofsz=36176 odim=896x504 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 36176
x-served-by: cache-bwi5174-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.529362,VS0,VE1
etag: "SLC1ujfyH8VXovl98+SSkmeDOAMTAktD5wQr9rzwTzs"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 13 May 2021 01:21:28 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 f8be6d4a-7173-4cd4-8d2b-cfce794895c4-SPT_LeoShrews_10.jpg
www.gannett-cdn.com/presto/2021/05/12/NTEG/ 10 KB
10 KB 37ms
33ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/12/NTEG/f8be6d4a-7173-4cd4-8d2b-cfce794895c4-SPT_LeoShrews_10.jpg?crop=1999,1125,x0,y0&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 35962190ab6297507a91a93fd08df28bc7231fa84da968112b42741d23710c30

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=JGJJaw==, md5=P0fP4OpVLedXYUviT6VvIw==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 89613
x-guploader-uploadid: ABg5-UxW2PF8P7JjUUBcsSa0Tz1vMw4RYgQyf5lqSounC4MShfse8kcxJG1k50THLuAaaOWF6NJNsmlGb1Qw2MiyIIzPaUCWeg
x-cache: HIT, HIT
fastly-io-info: ifsz=1018106 idim=2000x1428 ifmt=jpeg ofsz=9964 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 9964
x-served-by: cache-bwi5161-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.529437,VS0,VE1
etag: "cKoFpXy3Ty5j0nIsKI/7775jY1U5O1YJe/y/7+j6IXE"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 12 May 2021 21:54:26 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 e5bf479c-bdaa-4515-81e0-38fa1c8805d6-LOC_OpeningDayAG_1.jpg
www.gannett-cdn.com/presto/2021/05/11/NTEG/ 13 KB
14 KB 39ms
36ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/11/NTEG/e5bf479c-bdaa-4515-81e0-38fa1c8805d6-LOC_OpeningDayAG_1.jpg?crop=1999,1125,x0,y121&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7fa7b29a1da6988453202875e156d4dccaefdebe6f07d391ddd31a206e9db732

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=7i92mQ==, md5=G0cN78VoeEoOlg1QUl0kvQ==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 171945
x-guploader-uploadid: ABg5-Uy8WxZMi6fk_gmCbwN6FcFu6kduFN6xsWZbIzF7CqIxmpK511spAG3nMm4ir1HeWRCOs5D2KQou5Uug0UDWu14
x-cache: HIT, HIT
fastly-io-info: ifsz=2794308 idim=2000x1373 ifmt=jpeg ofsz=13309 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 13309
x-served-by: cache-bwi5178-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.530481,VS0,VE1
etag: "0exF8yn6b4ZRrXRYwRTR4lCPZV0UbgZer9fryJdJY9I"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 May 2021 23:02:14 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 626b6542-8fb9-4f16-8215-a607c4d61309-LOC_wogosox_1220.jpeg
www.gannett-cdn.com/presto/2021/05/11/NTEG/ 15 KB
15 KB 40ms
36ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/11/NTEG/626b6542-8fb9-4f16-8215-a607c4d61309-LOC_wogosox_1220.jpeg?crop=1999,1125,x0,y335&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: acdbec0a29738429b95f1222388a4fff6b5aff5ebb18e16584e23e818ee6d029

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Ia5W7g==, md5=/QCADlrd4B6D5OeAmU38tA==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 211766
x-guploader-uploadid: ABg5-UzExX98Tr0f68yspOuM0Sclb1fahAyNEo--av4w-qqvx_jPZOWUWlGfWXBji-uwcrydRsYydU-4fPX56GVuMChsMxqR3w
x-cache: HIT, HIT
fastly-io-info: ifsz=297236 idim=2000x1679 ifmt=jpeg ofsz=15195 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 15195
x-served-by: cache-bwi5137-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.530685,VS0,VE1
etag: "W586ZMHjD8MJ/tlBFkzKHqj/K2xUsrlW9ju6j/ipz4M"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 May 2021 11:58:33 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 825a000e-bdf7-4fe3-b9f4-698a1435614f-SPO_Millbury_Leicester_4.jpg
www.gannett-cdn.com/presto/2021/05/11/NTEG/ 10 KB
10 KB 41ms
37ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/11/NTEG/825a000e-bdf7-4fe3-b9f4-698a1435614f-SPO_Millbury_Leicester_4.jpg?crop=1999,1125,x0,y100&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 87e3f3ac4e350373848452ef3c2b625aef59f766d737662655fd45e5b12ed44f

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=uosJYA==, md5=oEtSfjgEh6UquyduBuI8mA==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 253837
x-guploader-uploadid: ABg5-UybHQg_2pRIEj8WRtR5vCgTZENl03rDprQT1loafqkyyl1RmxRktezg-5FfxUG5Bxzz4ZI-4VTIUY-L9TuvpaTO5_jCqQ
x-cache: HIT, HIT
fastly-io-info: ifsz=941161 idim=2000x1330 ifmt=jpeg ofsz=9909 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 9909
x-served-by: cache-bwi5172-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.530719,VS0,VE1
etag: "94T0fZ6bNDehsQooKhLaDIuag3286t9faKFuq40bNOs"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 11 May 2021 00:17:22 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 753c5e25-a82e-44a3-a137-54d6c8080a9f-LOC_Becker_9.jpg
www.gannett-cdn.com/presto/2021/05/08/NTEG/ 10 KB
11 KB 41ms
38ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/08/NTEG/753c5e25-a82e-44a3-a137-54d6c8080a9f-LOC_Becker_9.jpg?crop=1999,1125,x0,y129&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 83acbac530682b1fc16e4f813bf608959032e691f942e53edcbfc2d82f40e22b

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=CmgyFQ==, md5=+iFU3rzo+sKCdtgb3uSz3Q==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 453204
x-guploader-uploadid: ABg5-UwiEV9amiyervH7KJA6U8fMlWxfBSzhWkla_i3yE_aDXazUoyrnIwqoxZCHFT8ffEvLEXr0QlPw8-8AWF-F2Kw
x-cache: HIT, HIT
fastly-io-info: ifsz=1353624 idim=2000x1389 ifmt=jpeg ofsz=10653 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 10653
x-served-by: cache-bwi5123-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.531375,VS0,VE1
etag: "3geBj7E+hgB1VArmsSWjmrV+/ZAkjE4z+J2uOhuDZws"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 08 May 2021 16:54:35 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 8c2861fd-bed5-4849-b29d-0b9d299f3f79-LOC_Polar_58_1.jpg
www.gannett-cdn.com/presto/2021/05/08/NTEG/ 8 KB
8 KB 42ms
40ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/08/NTEG/8c2861fd-bed5-4849-b29d-0b9d299f3f79-LOC_Polar_58_1.jpg?crop=1999,1125,x0,y149&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 96a7febe50fd6453294eca5c5c225f7eb1674d82fbef0de7e38d5d603e545a2a

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=3m0Vzw==, md5=O2+9XdcAjQqP1qSz717rAg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 434416
x-guploader-uploadid: ABg5-UydHQhXW4MVZYoAejitlUjNFeZX_sQ6wJWAbltzfoU5IIjQsbq9vqlevNXnpGl1upgZi55PUvzAjPnSA0U-VlScZb7yAA
x-cache: MISS, HIT
fastly-io-info: ifsz=1846115 idim=2000x1428 ifmt=jpeg ofsz=8159 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 8159
x-served-by: cache-bwi5120-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.533721,VS0,VE1
etag: "Bzf1VjaASNTZUxyWj394+q8Jd6e7fnO+gzBi9G2x3/M"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 08 May 2021 22:07:43 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 6c10ae4b-e134-4585-9d22-9830e458ac0d-Doherty_South_01.jpg
www.gannett-cdn.com/presto/2021/05/08/NTEG/ 10 KB
11 KB 41ms
39ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/08/NTEG/6c10ae4b-e134-4585-9d22-9830e458ac0d-Doherty_South_01.jpg?crop=1999,1125,x0,y0&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9d123190344230d11c75e44332b9552d8714af8c810874f7752e64b05241b352

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=c5ihww==, md5=t5ABeTPp1UE5dfixwnZDGQ==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 511532
x-guploader-uploadid: ABg5-UyqlEhrK6zDLcQfT7tkvFXMwCPm2CRTfRms59OBK8-HcmvGnzBk4hA7NdclveREoUElhM5fQY1agv_BMM2QdmY
x-cache: HIT, HIT
fastly-io-info: ifsz=1312868 idim=2000x1373 ifmt=jpeg ofsz=10189 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 10189
x-served-by: cache-bwi5131-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.533700,VS0,VE1
etag: "/0WKqkBHxZkgjPEicgGafBVYcAJykZCg20FP1rdJQbs"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 08 May 2021 00:42:26 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 1

GET
H2 200 b0a3183e-d6d9-4c7c-a703-6489dd047926-PB-2021-030-85-Green-Street-DSP-Site-Plan-Renderings-pdf_1.png
www.gannett-cdn.com/presto/2021/05/05/NTEG/ 153 KB
154 KB 43ms
41ms Image
image/png 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/05/NTEG/b0a3183e-d6d9-4c7c-a703-6489dd047926-PB-2021-030-85-Green-Street-DSP-Site-Plan-Renderings-pdf_1.png?crop=629,354,x69,y0&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ab75bed71fb97ab901fad8210b383818dd955450886014d5798eb0badf858c39

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=SDTDaQ==, md5=wuwxvPwyvZkoCIzK3w2DBg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 712193
x-guploader-uploadid: ABg5-UxHZ6XLpRccLiXjoYCoiM8xzqjYZjngOjfKeu-CinkvHqXwKCT3ZUHWPA_EPAHXL50dm6T86sUAApFWQXoEWv4M8HnnbA
x-cache: HIT, HIT
fastly-io-info: ifsz=557987 idim=768x355 ifmt=png ofsz=156472 odim=384x216 ofmt=png
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 156472
x-served-by: cache-bwi5166-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.533700,VS0,VE1
etag: "zCaDMycGHAFD50Sdpz0b2zczRwvfo1TkyDI1/HKLQR8"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/png
access-control-allow-origin: *
expires: Wed, 05 May 2021 16:58:06 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 f984e038-dc45-4bd4-ba22-0f1b25dae534-IMG_8816.jpg
www.gannett-cdn.com/presto/2021/05/05/NTEG/ 16 KB
17 KB 49ms
48ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/05/NTEG/f984e038-dc45-4bd4-ba22-0f1b25dae534-IMG_8816.jpg?crop=503,283,x0,y25&width=384&quality=50&crop=16%3A9
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c8919e6b0b590371e8c88684d2f409615c0c650f8854befd1df1147855608a59

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yFv+IQ==, md5=NXU8/Vlj50WY3TelLrEdqg==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 707769
x-guploader-uploadid: ABg5-UyCH1g_s3yIXeOQquK8MpjiA6oRKnrBZuAzHGXFt0wHwRNVJklOtn5WjWyCgBEkVZv9RjwhWHm3o34AcFrQ8Q
x-cache: HIT, HIT
fastly-io-info: ifsz=315286 idim=504x336 ifmt=jpeg ofsz=16800 odim=384x216 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 16800
x-served-by: cache-bwi5176-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.533687,VS0,VE1
etag: "V71r2uTlL9RiWjN+ztv6iCM25oewYz8c4aXVq0UDR70"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 05 May 2021 18:11:50 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 cc0193fc-7c55-4e35-9818-dbe3bfb975a0-4959282001p_HOP_rally2.jpg
www.gannett-cdn.com/presto/2021/05/06/NMWD/ 13 KB
13 KB 49ms
48ms Image
image/jpeg 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/05/06/NMWD/cc0193fc-7c55-4e35-9818-dbe3bfb975a0-4959282001p_HOP_rally2.jpg?crop=1999,1125,x0,y86&width=448&height=252&quality=50
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ebf8278fb12d50b4ef821fbc8063798ca10b08f4107482e9be9f71f90570798f

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=1CBr3Q==, md5=0nGowk5O1AP/R18UTy0XdA==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 603701
x-guploader-uploadid: ABg5-UwEkTvOWbzVTPrbF8IYqgja9-qPgzRSrR9Nmx_evCFiQ6OUQ8n83dhqpnklHW5M2aL1Z2CYhMmJtLQ-5anbQYE
x-cache: HIT, HIT
fastly-io-info: ifsz=615618 idim=2000x1720 ifmt=jpeg ofsz=13116 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 13116
x-served-by: cache-bwi5130-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946080.535814,VS0,VE1
etag: "gzQuMb7Imo3athE5+eq1U5v6LPIAzwSxbzDeyAMaZqE"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 06 May 2021 23:06:17 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt_v3l/202105121315/ 99 KB
32 KB 29ms
28ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt_v3l/202105121315/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid_v3l/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47e192c9dfcfe0b669bf261318cdc2c8f5e7a9e8392de2f0fa3c32045a9f4b06

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:47:59 GMT
Content-Encoding: gzip
Age: 790
X-Cache: HIT
Connection: keep-alive
Content-Length: 31920
x-amz-id-2: U/DS/AdqlaGZ3qqubdXw7xidXZHifP7uYZooC/JflYmMt0AAs4WNmRbBDXKfyvkWUwnOZUtkgTg=
X-Served-By: cache-hhn4062-HHN
Last-Modified: Wed, 12 May 2021 17:16:30 GMT
Server: AmazonS3
X-Timer: S1620946080.535949,VS0,VE0
ETag: "e550a9d35d300bbfa8e300f4defe69f3"
x-amz-request-id: QEBAFGA36NMZ569Q
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 49

GET
H2 200 NTEG-TEALIUM-UW.json Show response
www.gannett-cdn.com/dcc/prod/ 44 KB
6 KB 86ms
28ms XHR
application/json 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gannett-cdn.com/dcc/prod/NTEG-TEALIUM-UW.json
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7b8e97fcdb3ea29625c7195f9a46481a9060350a3588c77cff7f248f00f56269

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=5Fx5ug==, md5=5JStox0771eMHiax1OSREA==
date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 160
x-amz-meta-goog-reserved-file-mtime: 1620749068
x-guploader-uploadid: ABg5-UwmmbvlnFCPN-N54dHSDWvoVBjBeAyGoZWbCGZ6gfRizidRNmMdOrDJjDUWwMXWhMZr8GGy5ZewOvs5OfkWzG4MjxWhPw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-encoding: br
content-length: 4884
x-served-by: cache-bwi5157-BWI, cache-fra19141-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
last-modified: Tue, 11 May 2021 16:16:35 GMT
server: UploadServer
x-timer: S1620946080.606210,VS0,VE0
etag: "e494ada31d3bef578c1e26b1d4e49110"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
expires: Thu, 13 May 2021 05:43:36 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H3-29 200 pubads_impl_2021051101.js Show response
securepubads.g.doubleclick.net/gpt/ 305 KB
108 KB 74ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051101.js?31061153

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

314ed60012f54eaf96fcc40f94424a4a44e11c3515631d1f445c3d3f7a09e3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 08:39:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110094
x-xss-protection: 0
expires: Thu, 13 May 2021 22:47:59 GMT

GET
H2 200 path.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 7 KB
2 KB 35ms
34ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/path.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5b529448eb68dc6a434e58709ade0b8d9458f4a0082ef03dae87ccbd9f7d8ce8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70938
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2048
x-served-by: cache-bwi5130-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946080.599774,VS0,VE1
etag: "9c50ebf02f5695e8e561d999a38130b5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 case-map.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
1 KB 35ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/case-map.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bb8316121ab1fb502d56b1f8ce3fc3c7047447626255820a01cbedd807363b6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 29483
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 784
x-served-by: cache-bwi5147-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946080.599911,VS0,VE1
etag: "6c6b9837ece12100d4cf4ed763989b68"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 template-stamp.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 20 KB
6 KB 36ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/template-stamp.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0862d3c8b349b9f7e0d49b4a68573691d390395a020002819d0723d7c5fe562e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 68758
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 6028
x-served-by: cache-bwi5139-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946080.599978,VS0,VE1
etag: "c6a88631bee700a9d0ea4929ac7d7c94"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
217 B 169ms
55ms Image
image/gif 54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:17a3e03c-c196-f448-ab26-66e4b59553c4
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:47:59 GMT
x-server-name: app37.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 iasADX.js Show response
static.adsafeprotected.com/ 12 KB
4 KB 167ms
52ms Script
application/javascript 34.249.39.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasADX.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.39.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-39-204.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: df9aa20a3dc2c29281028c2a8714d61048ac869232e9c25abc2736a0e944a998

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 17:10:12 GMT
server: nginx/1.16.1
age: 252125
etag: W/"4690977459fac18531cecf0d0078b94d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 109ms
33ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 56141
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Thu, 13 May 2021 07:12:19 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: GPixlyORpXelMV3UGmFzdx5sa8NG_imS_DBqbvP5TP4NVFA4CTw70Q==

GET
H2 200 telemetry.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
935 B 35ms
35ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/telemetry.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0f7c1ea8c0452b0c347c2f5949f8e9ab0936a255ce7615f22979280d60e50a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70938
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 776
x-served-by: cache-bwi5125-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946080.617875,VS0,VE1
etag: "863322f656542c1dd71e0580cc5c6106"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 properties-changed.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 21 KB
6 KB 36ms
36ms XHR
text/html 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/properties-changed.html

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c745a6114bddb356770c22a8dce7861cff4a1502a81ff222fac8c21efb6b2f85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 70938
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 5554
x-served-by: cache-bwi5147-BWI, cache-hhn4068-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946080.617921,VS0,VE1
etag: "cb0b7819ecf4cbd8c49f86bdeb7b4803"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 load.js Show response
widget.perfectmarket.com/gannett-network/ 4 KB
2 KB 415ms
329ms Script
application/javascript 199.232.137.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/gannett-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 024f01d45739e9da991c4b69d20974d373b02a9a9136ea9238d41225ffdf240a

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FtrzjpCo_R4NwjFNAxfvQq7wmHdrSMEE
content-encoding: gzip
etag: "6741cf7eaf54542e80e7ba010ed407e6"
age: 326
x-cache: HIT, HIT
content-length: 1488
x-amz-id-2: ULKR192gnRlQaznQ547ilGES5jWmwOUuA2fhhuvChmC6RJBooShqrj4Wm/wN7tP7oT+MQWS7vBc=
x-served-by: cache-sna10751-LGB, cache-hhn11526-HHN
last-modified: Tue, 17 Mar 2020 06:51:52 GMT
server: AmazonS3
x-timer: S1620946080.797374,VS0,VE295
date: Thu, 13 May 2021 22:48:00 GMT
vary: Accept-Encoding,,
x-amz-request-id: RTKMBP1P4SYCHWZF
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20210506-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 483 KB
111 KB 29ms
28ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 41boWY3bJBMsg5YZKthz6VWW_ra1A1Nu
content-encoding: br
etag: "6d4c8a6b6f8d35505c6e01c7fb07f642"
age: 22233
x-cache: HIT
content-length: 113273
x-amz-id-2: Jz+mk2WKho6pVenJ+RfhB43/gV2OpeYCHC3M3A3hzF3mg6O2HNBjn0UGO0PBZHwMROEquGuYEoM=
x-served-by: cache-hhn11572-HHN
last-modified: Thu, 06 May 2021 08:25:51 GMT
server: AmazonS3-br
x-timer: S1620946080.711560,VS0,VE0
date: Thu, 13 May 2021 22:47:59 GMT
vary: Accept-Encoding
x-amz-request-id: EX5RYS5ZXRCN50PS
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 43
x-cache-hits: 114371

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 100ms
33ms Script
application/javascript 13.224.95.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-18.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:36:45 GMT
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: oZpCWgt4PjM2y1Dm6gkNin05Ioc2-omEpGAGnsz1xN3HSOy1LHeQnA==

GET
H2 200 custom-style-interface.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 3 KB
2 KB 32ms
32ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/custom-style-interface.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b92490f0e08edd6e7b5e9704b1208cb9124eeac94841dda895b0dff4854ac956

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
age: 1531225
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1346
x-served-by: cache-bwi5136-BWI, cache-hhn4022-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946080.737734,VS0,VE1
etag: "0bcf779c48ca31aad51499609f591fac"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 407 KB
127 KB 62ms
43ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e9164448bbb0306f0ad72dad13782ef08ae66a9ac3d9b857d9a57a8a3468a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 163
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a0983681d000005f128158000000001
wn: prod-dash-10-0-115-122
last-modified: Thu, 13 May 2021 01:18:32 GMT
server: cloudflare
etag: W/"416463-1620868712000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=300
cf-ray: 64ef6e869a5f05f1-FRA
expires: Thu, 13 May 2021 22:52:59 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 269 B
502 B 185ms
83ms XHR
application/json 54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-native-front-tile-0-container,ss:%5B2.3%5D,p:/7103/ma-worcester-C6718/native-front_tile/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=17a3e03c-c196-f448-ab26-66e4b59553c4&url=https%253A%252F%252Feu.telegram.com%252F
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2beff6219304f59ca6d97eee8f9729b4b184434e9c49cd48b6a214a988c5bab5

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
x-server-name: app05.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 262 B
496 B 156ms
54ms XHR
application/json 54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-high-impact-1-container,ss:%5B2560.1440,970.250,970.90,970.66,970.60,728.90,1.2,2.4%5D,p:/7103/ma-worcester-C6718/high_impact/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=17a3e03c-c196-f448-ab26-66e4b59553c4&url=https%253A%252F%252Feu.telegram.com%252F
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 46d592855f74604d8c3edcd886206a5ece2f4424cc447884b917ce9639e9a1d6

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
x-server-name: app39.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 501 homepage;misc=1620946079831;us_privacy=1---; Show response
adserver.adtechus.com/pubapi/3.0/10315.1/8/0/728x90/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/high_impact/ 0
192 B 531ms
449ms XHR
text/plain 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10315.1/8/0/728x90/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/high_impact/homepage;misc=1620946079831;us_privacy=1---;
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:00 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://eu.telegram.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 315 B
2 KB 228ms
118ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11324&site_id=37664&zone_id=156954&size_id=2&alt_size_ids=42%2C55%2C57&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Feu.telegram.com%2F&tg_i.adcount=1&tg_i.domain=telegram.com&tg_i.section=home&tk_flint=pbjs_lite_v4.8.0&x_source.tid=6f8b367d-8a91-4976-bca6-c71a4401015b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2078294807017358
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1d5299ded19564097461f81d5f77d1e3ee298708dd47d6a1facf8abe184dabe5

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 315
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 129ms
70ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:47:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 arj Show response
gannett-d.openx.net/w/1.0/ 186 B
570 B 106ms
44ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gannett-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Feu.telegram.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6f8b367d-8a91-4976-bca6-c71a4401015b%2C6f8b367d-8a91-4976-bca6-c71a4401015b&nocache=1620946079836&us_privacy=1---&aus=2560x1440%2C970x250%2C970x90%2C728x90%2C970x66%2C970x60%2C2x4%2C1x2%7C2560x1440%2C970x250%2C970x90%2C728x90%2C970x66%2C970x60%2C2x4%2C1x2&divIds=partner-high-impact-1-container%2Cpartner-high-impact-1-container&auid=538809200%2C540401032
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 94f4e38ac958e4fc56987f041a16b8e964e0ffe7f30cddbb22beed4eec66e959

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:47:59 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://eu.telegram.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
169 B 311ms
103ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
477 B 163ms
91ms XHR
application/json 3.121.66.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.8.0&referrer=https%3A%2F%2Feu.telegram.com%2F&tmax=1600&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.66.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-66-29.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:47:59 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://eu.telegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 140 B
777 B 162ms
58ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F7103%2Fma-worcester-C6718%2Fhigh_impact%2Fhomepage%7C1693ced8959778%22%3A%222560x1440%2C970x250%2C970x90%2C728x90%2C970x66%2C970x60%2C2x4%2C1x2%22%7D&ref=https%3A%2F%2Feu.telegram.com%2F&s=8f3ae556-13d3-424e-8331-ff417dff9be5&pv=996e2068-8f68-46c3-9959-7743c97bb6a5&vp=desktop&lib_name=prebid&lib_v=4.8.0&us=5&ius=1&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

ac481da99bf99fa16aab19b9381f02ff6049184e2eb5fa618572bce1b02ec805

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:47:59 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 165
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 143ms
77ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3cfa18fe7cde76da9baf805429a777f7ab4375a5123255d054ffbddf688c34f9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:47:59 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid: 94bf4760-231f-4284-9db1-73d802190056
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 90ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.8.0&cb=37005924861
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:47:59 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 66ms
65ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Feu.telegram.com%2F&pid=qzLJokrAb7RO2&cb=0&ws=1600x1200&v=7.64.00&t=1800&slots=%5B%7B%22sd%22%3A%22partner-high-impact-1-container%22%2C%22s%22%3A%5B%222560x1440%22%2C%22970x250%22%2C%22970x90%22%2C%22970x66%22%2C%22970x60%22%2C%22728x90%22%2C%221x2%22%2C%222x4%22%5D%7D%5D&pj=%7B%7D&cfgv=0&gdpre=1&gdprc=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: wQmbCxM-CMj1gKj1hx8lBt8apFBdf-z9Q8CoMHV6EM46LWe7V3ovRQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 303 B
536 B 123ms
56ms XHR
application/json 54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-inline-flex-2-container,ss:%5B300.250%5D,p:/7103/ma-worcester-C6718/inline_flex/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=17a3e03c-c196-f448-ab26-66e4b59553c4&url=https%253A%252F%252Feu.telegram.com%252F
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 212503c9ff8a972fc5c586499e9c00052db30bcd910a111d47f52a5c13bc1a38

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
x-server-name: app34.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 62ms
61ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Feu.telegram.com%2F&pid=qzLJokrAb7RO2&cb=1&ws=1600x1200&v=7.64.00&t=1800&slots=%5B%7B%22sd%22%3A%22partner-inline-flex-2-container%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pj=%7B%7D&cfgv=0&gdpre=1&gdprc=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: egoaUDfg8Z2xnABvG6RSjUPBG96Ea9X7XJ4XIJ_0cFXzCa_pR7n3RA==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 303 B
536 B 118ms
56ms XHR
application/json 54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-inline-flex-3-container,ss:%5B300.250%5D,p:/7103/ma-worcester-C6718/inline_flex/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=17a3e03c-c196-f448-ab26-66e4b59553c4&url=https%253A%252F%252Feu.telegram.com%252F
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1d6a2c513d8f1caeae77f8df5c5714f4565eee1f284d2646f979b640ec276fe

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
x-server-name: app07.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
372 B 64ms
64ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Feu.telegram.com%2F&pid=qzLJokrAb7RO2&cb=2&ws=1600x1200&v=7.64.00&t=1800&slots=%5B%7B%22sd%22%3A%22partner-inline-flex-3-container%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&pj=%7B%7D&cfgv=0&gdpre=1&gdprc=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: CNkGg9fIoOVZmmUX2dpIpRa8qPbVXnXwkXO8vFLn88MynTxjrblNuQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 254 B
487 B 137ms
82ms XHR
application/json 54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-leaderboard-btf-4-container,ss:%5B728.90%5D,p:/7103/ma-worcester-C6718/leaderboard_btf/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=17a3e03c-c196-f448-ab26-66e4b59553c4&url=https%253A%252F%252Feu.telegram.com%252F
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c36fab5ff12dd27cd6909d9f561b13a1e402c489f5ceaef7b8cb2279528f3c4c

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
x-server-name: app25.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 62ms
62ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Feu.telegram.com%2F&pid=qzLJokrAb7RO2&cb=3&ws=1600x1200&v=7.64.00&t=1800&slots=%5B%7B%22sd%22%3A%22partner-leaderboard-btf-4-container%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pj=%7B%7D&cfgv=0&gdpre=1&gdprc=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: rpfA8XQe0cDH4udBL9-VIQXvaO3054dcWFv6vB7tJ7b_BuWbmVwRCA==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 269 B
502 B 130ms
82ms XHR
application/json 54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-front-5-container,ss:%5B300.250,300.600%5D,p:/7103/ma-worcester-C6718/poster_front/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=17a3e03c-c196-f448-ab26-66e4b59553c4&url=https%253A%252F%252Feu.telegram.com%252F
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4f282833db23da3b023c79da69f86697dd606c1ea39c947bbc7b33f6fbb31ef4

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
x-server-name: app14.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 63ms
63ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Feu.telegram.com%2F&pid=qzLJokrAb7RO2&cb=4&ws=1600x1200&v=7.64.00&t=1800&slots=%5B%7B%22sd%22%3A%22partner-poster-front-5-container%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%5D&pj=%7B%7D&cfgv=0&gdpre=1&gdprc=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: azCEAb3NrLsc-WGSYxiGeI3Q4z8OSkxB0XZv4xsSjUljVHz4ZE9SPQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 351 B
583 B 96ms
55ms XHR
application/json 54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:partner-poster-scroll-front-6-container,ss:%5B300.250,300.600%5D,p:/7103/ma-worcester-C6718/poster_scroll_front/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=17a3e03c-c196-f448-ab26-66e4b59553c4&url=https%253A%252F%252Feu.telegram.com%252F
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 02434ad36274485e3cdd66638380e6c38aa452e944194c22f812fd148a159a64

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
x-server-name: app11.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 69ms
68ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Feu.telegram.com%2F&pid=qzLJokrAb7RO2&cb=5&ws=1600x1200&v=7.64.00&t=1800&slots=%5B%7B%22sd%22%3A%22partner-poster-scroll-front-6-container%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%5D&pj=%7B%7D&cfgv=0&gdpre=1&gdprc=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://eu.telegram.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: bZXOVkjaPWBqPlx8uE0sZseruI0bzA6C9QA0ad8DUDsAkNkneICbRw==

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?wpn=prebid&us_privacy=1---&pu=https%3A%2F%2Feu.telegram.com%2F&ext_gup_anonid=44198be2-b43d-11eb-aa1a-b2a682172c97&duid=ec5a113e48e4--01f5kymm2f5qbmm1hjdyxcpj7s&se=e30&dtstmp...
https://rp4.liadm.com/p?wpn=prebid&us_privacy=1---&pu=https%3A%2F%2Feu.telegram.com%2F&ext_gup_anonid=44198be2-b43d-11eb-aa1a-b2a682172c97&duid=ec5a113e48e4--01f5kymm2f5qbmm1hjdyxcpj7s&se=e30&dtstm...

43 B
542 B

550ms
117ms

Image
image/gif

52.86.196.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rp4.liadm.com/p?wpn=prebid&us_privacy=1---&pu=https%3A%2F%2Feu.telegram.com%2F&ext_gup_anonid=44198be2-b43d-11eb-aa1a-b2a682172c97&duid=ec5a113e48e4--01f5kymm2f5qbmm1hjdyxcpj7s&se=e30&dtstmp=1620946079826&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.196.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-196-188.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
x-pixel-event-id: 614120a1-8176-4b62-87d2-9f739867f565
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
x-frame-options: DENY
content-type: image/gif
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: be6e123239eaf357
request-time: 1
content-length: 43
x-content-type-options: nosniff

Redirect headers

date: Thu, 13 May 2021 22:48:00 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
x-frame-options: DENY
location: https://rp4.liadm.com/p?wpn=prebid&us_privacy=1---&pu=https%3A%2F%2Feu.telegram.com%2F&ext_gup_anonid=44198be2-b43d-11eb-aa1a-b2a682172c97&duid=ec5a113e48e4--01f5kymm2f5qbmm1hjdyxcpj7s&se=e30&dtstmp=1620946079826&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 6c2d53ac42d3ebbf
request-time: 1
content-length: 0
x-content-type-options: nosniff

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f63ef78fcc7646c3c5ccf1596cdaa893120f8f417924707d1b7816be1fabff91

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbf62b3d96ab46c2c2c67edec16aca51b6534f8996b6bd8b64182bace59058a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1620946079940&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620946079940&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7...

64 B
329 B

42ms
41ms

Image
image/gif

13.224.95.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620946079940&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=https%3A%2F%2Feu.telegram.com%2F&c9=
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-18.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: pL2rFGRseim0iUSuiWL5-6pjpSv0_wMlYgk1DCDPMq2ogkm9rMiq1g==

Redirect headers

date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1620946079940&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=https%3A%2F%2Feu.telegram.com%2F&c9=
content-length: 256
x-amz-cf-id: LWhuDjX92G6-58svlLlpk9pfVlDmYCkdWX5B-I2MbLsJOMFNDBlhUw==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&name=https%3A%2F%2Feu.telegram.com%2F&c2=6035223&templatetype=homefront&category=home&comscorekw=home&ns__t=1620946079941&ns_c=UTF-8&cv=3.5&c8=Worcester%20Te...
https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Feu.telegram.com%2F&c2=6035223&templatetype=homefront&category=home&comscorekw=home&ns__t=1620946079941&ns_c=UTF-8&cv=3.5&c8=Worcester%20T...

64 B
331 B

49ms
49ms

Image
image/gif

13.224.95.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Feu.telegram.com%2F&c2=6035223&templatetype=homefront&category=home&comscorekw=home&ns__t=1620946079941&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=https%3A%2F%2Feu.telegram.com%2F&c9=
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-18.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: RPc2DtVvXESTq6KEL4-_-rio7v_KzDhXObqB6jMX3mGTbY61bzORog==

Redirect headers

date: Thu, 13 May 2021 22:47:59 GMT
via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Feu.telegram.com%2F&c2=6035223&templatetype=homefront&category=home&comscorekw=home&ns__t=1620946079941&ns_c=UTF-8&cv=3.5&c8=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&c7=https%3A%2F%2Feu.telegram.com%2F&c9=
content-length: 341
x-amz-cf-id: VUc-_U0J5b04v4bbniMJ2trRg5y066US-9wzAIHj977NP-F8mhSf5Q==

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 511f127a1868984cf9d3d9545da20d1c43222d656515a2ee13737a38ba30c791

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f03395cf944cf755a4be137fb7d0f1d5da26c52ac33fab166b2a3f17b0bf80a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
221 B 97ms
41ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://eu.telegram.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 178ms
58ms XHR
application/json 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184808
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 05e83a4e44fbf34c5ab02c0597792b529b5128ab10f8f89217a61e97a99a312b

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://eu.telegram.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 12 Jun 2021 22:48:00 GMT

GET
H/1.1 200
OK any Show response
idx.liadm.com/idex/ie/ 206 B
687 B 468ms
117ms XHR
application/json 52.44.181.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.181.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-181-48.compute-1.amazonaws.com

Software

Resource Hash

ba3c2d6ee72b322419531419cd8d3a10d76081df6a78ccd59f2a9913144440a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 13 May 2021 22:48:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://eu.telegram.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: 64c2aefb07cdd5b6
Content-Length: 206

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 9 KB
4 KB 152ms
146ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=9V33tWRvZX

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e967373c2b80a85b73682ba20cb839415eb0d96e5084b517ae5dcfee1207f2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a09836958000005f111261000000001
x-request-id: C00i2tqEZqU
pragma: no-cache
wn: prod-exp-10-0-88-104
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://eu.telegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 64ef6e888e4d05f1-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
311 B 19ms
18ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=9V33tWRvZX

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0f739925614b9d486e10ecf704e3ce4d1a6492895065e36d03aec81689b4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 225
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a09836957000005f11fb25000000001
x-request-id: Crth2tqyNrd
pragma
wn: prod-dash-10-0-143-105
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 64ef6e888e4905f1-FRA
expires: Thu, 13 May 2021 23:08:00 GMT

GET
DATA 200
OK truncated Show response
/ 361 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abf80d3a46582afb816fc2d86bee64132a685e2dc828c7609403d4e6497e1bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 2020CentralMassWinners374.jpg
cdn.gatehousemedia.com/custom-systems/upick/images/promos/2017/ 37 KB
37 KB 116ms
33ms Image
image/jpeg 13.224.95.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gatehousemedia.com/custom-systems/upick/images/promos/2017/2020CentralMassWinners374.jpg?width=135&quality=50
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-54.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e6d01e8b925c701afed6e022935a85029f2ad3dce832a5e0f68a8a75e9ea473

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:28:34 GMT
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
age: 659967
x-cache: Hit from cloudfront
content-length: 37554
last-modified: Thu, 19 Nov 2020 20:20:46 GMT
server: AmazonS3
etag: "79863e8b8a9aa5c218653543cf9d7af9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: XL26bDgXhrhjwk9kZtJA7trc.TQpLpds
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: ziXQvTYh1NbrJzwf3cmtWASgBXpghUGF9jzzLvgYnAAGIuBgBqgdpg==

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
413 B 142ms
90ms XHR
text/javascript 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=326059&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A72268460%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Feu.telegram.com%2F%3Fs_topic%3D%26s_section%3Dhome%26s_subsection%3D%26s_domain%3Dtelegram.com%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221b%22%2C%22siteID%22%3A%22196725%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221a%22%2C%22siteID%22%3A%22196725%22%7D%2C%22id%22%3A%222%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: c16bd5f710253f78feabb1ab551035166d5f9ffb186422bf76fe517956c8b3b3

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.196], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://eu.telegram.com
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 09
expires: Thu, 13 May 2021 22:48:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
413 B 132ms
82ms XHR
text/javascript 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=326059&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A86543837%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Feu.telegram.com%2F%3Fs_topic%3D%26s_section%3Dhome%26s_subsection%3D%26s_domain%3Dtelegram.com%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22196727%22%7D%2C%22id%22%3A%221%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: fd046f1a456204c44adbb7f7f138eb0acd30d7ace8dd2a0e6dd4d41d87ac29e7

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.196], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://eu.telegram.com
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 09
expires: Thu, 13 May 2021 22:48:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
413 B 159ms
109ms XHR
text/javascript 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=326059&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A84106033%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Feu.telegram.com%2F%3Fs_topic%3D%26s_section%3Dhome%26s_subsection%3D%26s_domain%3Dtelegram.com%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225c%22%2C%22siteID%22%3A%22196729%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225b%22%2C%22siteID%22%3A%22196729%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225a%22%2C%22siteID%22%3A%22196729%22%7D%2C%22id%22%3A%223%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 983eabc6856216650ebc3b73033ee252ce3135ecc2611fdf877d514be3988381

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.196], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://eu.telegram.com
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 09
expires: Thu, 13 May 2021 22:48:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
413 B 168ms
119ms XHR
text/javascript 184.25.115.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=326059&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A47139313%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Feu.telegram.com%2F%3Fs_topic%3D%26s_section%3Dhome%26s_subsection%3D%26s_domain%3Dtelegram.com%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%228d%22%2C%22siteID%22%3A%22196732%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%228f%22%2C%22siteID%22%3A%22196732%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%228e%22%2C%22siteID%22%3A%22196732%22%7D%2C%22id%22%3A%223%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e7da40cb80a2601550840874481db636c06c469f764937979f822d516ccb4abe

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.196], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://eu.telegram.com
x-cs-client-geo: 09
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
x-ak-client-geo: 09
expires: Thu, 13 May 2021 22:48:00 GMT

GET
H2 200 apply-shim.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 10 KB
4 KB 30ms
29ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/apply-shim.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70dac0bff0be690d0fe75181a06e3bc54c470c8491cc9a32e5cf89f5ed9b0179

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
age: 64524
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4252
x-served-by: cache-bwi5138-BWI, cache-hhn4022-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1620946080.121472,VS0,VE1
etag: "8d4108ef1d5493eee40467d1e426a693"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 pmk-202002191.14.js Show response
widget.perfectmarket.com/gannett-network/ 111 KB
30 KB 34ms
34ms Script
application/javascript 199.232.137.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/gannett-network/pmk-202002191.14.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/gannett-network/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 044e5e12c5d8acb617f82fbf006eef3c85d9f294e35daeeadd06c2d198e8314f

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xyKz_RLl7smUmPgMbGCWupo.4ZsJKTnJ
content-encoding: gzip
etag: "6767ebadd6c9cec6e81b63a25d0f06e6"
age: 14027171
x-cache: HIT, HIT
content-length: 30945
x-amz-id-2: LMEZhs2QdUZ6w/WQ1U1c39Ns9UWkhDVm1B+51uNO7lG3uILhvkOa99C/PZhLK8mBfsd9oAychi0=
x-served-by: cache-lax10644-LGB, cache-hhn11526-HHN
last-modified: Tue, 17 Mar 2020 06:51:52 GMT
server: AmazonS3
x-timer: S1620946080.128750,VS0,VE0
date: Thu, 13 May 2021 22:48:00 GMT
vary: Accept-Encoding,,
x-amz-request-id: 37AFA52214F18C61
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 44324, 7017

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f483a1933a571853edb373ea40fbd8b18d8cd0de0d9f76e9467141da414fcc92

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5438244d57a2d3f821c38f0d3331c123567c53325cf995beab127b76966c8f7c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3b7067f00f9a2ac16d847bc12270871523004cf1ac09aa959d0df310070000a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8cad28ce143fab883fb3bf04b6ed87e7de84102b2b44c86a60804f82bac8580

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3854294ad0231749f307027820af7903f60f7410054c953cac1f527115daaa2a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c594a209fcffcfcfa1e70062f7e7ead35bbd20b78e18f1c0d6e8e2ef2de8256e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 20 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a920c91de5db43e6f6634e5f757541141a31117fd881c848647671fbda83602b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b56346abd8ac9a16c8ed3e5723ea0eeed3d8b3a6c0abf035f3f1623994aa75b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c53441d1a937468383d786be79d2e01bdd99af37634a2d883f6d58c8219a79d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 99 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cf78114dc98e5c4843b6e78e6f34758a7864dbd8d14f1db0f2e8090072f1c17

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d91883b892841e5140d97e18ed26a8a0f04c27a644f00104655dc94e5d3c13c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06103ce43485e865bcb6abc55ff75342dbf58c6e2ec94315ca3057a58e8f6a51

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 30 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a73c999d28afd2be114b8c3c0de7c8fc46d07f92213320673f542421aafc149d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 070af9b9cc3a83f9b6ae9238e6d1fef9f1fb840d73b65f65c2a4328fc4e7c729

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 26 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72594b51b5aee1db06bcda724589ef3d75796bbc9a13abc74e5533b4b06315e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20ba49665bf99f2cc5e23e68536c23ac981329935e9a98f2efca647e1acd8ca3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4295341928984eb4a9fe7ebbcb81c91d9f5a56a029a698795b808fdb4f90a6fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 371dbda9619cf12162b68749c76b9e9b1692dad84bba175d5718072ae674c559

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d17f02f855e44c5671557aeea54a29281875098b13c42805020ff577f8a5972

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 480 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec39b01c46403315b367713b3d38cc5d6ca4375401e0d39e7b38c435fc8327ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c77f75f30b8fe3e4a803cb54aed45d1f12f364a03b221240cd77a0abbff6a2ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77f9a1daae58a71c8f58a083690750198203b29d049e67389859009979d8a8c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71e240fc2794b33d8dcb0b5d17ebb19fd9a69c717a1854fa6f4296cd3c9579b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4832ef08e9658a2aeb523553ac23a657ed8e554a07690e243424390fe797868a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 36 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abff9995a7362f7796c37d841691e11d27d833726af171353c6d270ea7302ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5a60a7fff5518b6f07c00d792f50771c5a87d0a876aa533fabfe8890b6cab95

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07224f1f0b0cd61cba9e38292bb340d553bbaa9a35060f1a194166b53982390

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7da034b7466483840babbef96244488c66aaff1d3caf75815525324194c817e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 24 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f01ef19df758793f58a530b555cc3b838cead0d6730d54cc26ccf168f69d936

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24e10919a1f2cc958f78a95f5980b701a7348bf067c2f063823a4efb4184b90

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94bc6474b905706b2f431231534a5f21557716c3be68238a5c7d6f3f5c1a956d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b016f0834f6fe219f0a3483029b57170b8b4ff9841b0224d5325b7f8cee1e6f1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 939 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9484f035f77fcc2a4d231a271e0ba3f8a40dafbf2c1efc5f41f9a95f54a2a613

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 25 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 922dea847dca89758d2c87751a24d057bff5a13e08e16c1ee2c397c57e2b7ca2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 376710062084ea2165061850fd4e1b66fac2191a1c7f003acd1b9f98dfe4068b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fc652db51c181fa1ae056ffde2443db9bce4f6ed0e7c1bd84412235dba2204

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fa26cb73d6d9fe8a70881f90b76deea23af087bfabe86f43b98f6739f0a6622

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 147 KB
44 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:00:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2870
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44829
x-xss-protection: 0
expires: Thu, 13 May 2021 22:50:10 GMT

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 551 B
794 B 203ms
186ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=9V33tWRvZX

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e7d778f6474c6713b186e5dad4a06c620779b2ed2fc446a1572f1c77cf5586

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a09836a0e00002bd69825a000000001
x-request-id: C00i2tq9AmR
pragma: no-cache
wn: prod-dash-10-0-85-27
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 64ef6e89abc32bd6-FRA
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 05D4 20 KB
6 KB 146ms
146ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5510e79d6d75a4d6f4127a85a6956d387d67e22c90c1ec9ad6a09345e61eb9d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Fri, 14 May 2021 01:48:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.013
set-cookie: LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4brhqufcKDSSbe; SameSite=Lax; path=/; expires=Fri, 14-May-21 21:48:00 GMT; HttpOnly
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-114-33
x-forwarded-https: on
x-request-id: C00i2tqduIX
x-xss-protection: 0
cf-cache-status: MISS
cf-request-id: 0a09836a05000005f1f9263000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64ef6e89a80d05f1-FRA
content-encoding: br

GET
DATA 200
OK truncated Show response
/ 314 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb62b2b321adf59e57b4fe1ac5e1fdcaf7ab8efed640a528c0bb0ab15ab09289

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
428 B 78ms
27ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=326059&u=https%3A%2F%2Feu.telegram.com%2F&v=3
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
X-AK-INITIAL-GEO: CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.196], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://eu.telegram.com
X-CS-CLIENT-GEO: 09
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 09
Expires: Thu, 13 May 2021 22:48:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
428 B 76ms
26ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=326059&u=https%3A%2F%2Feu.telegram.com%2F&v=3
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
X-AK-INITIAL-GEO: CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.196], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://eu.telegram.com
X-CS-CLIENT-GEO: 09
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 09
Expires: Thu, 13 May 2021 22:48:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
428 B 72ms
25ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=326059&u=https%3A%2F%2Feu.telegram.com%2F&v=3
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
X-AK-INITIAL-GEO: CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.196], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://eu.telegram.com
X-CS-CLIENT-GEO: 09
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 09
Expires: Thu, 13 May 2021 22:48:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
428 B 78ms
32ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=326059&u=https%3A%2F%2Feu.telegram.com%2F&v=3
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
X-AK-INITIAL-GEO: CC:[CZ], RC:[], CN:[EU], CIP:[89.187.189.196], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://eu.telegram.com
X-CS-CLIENT-GEO: 09
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 09
Expires: Thu, 13 May 2021 22:48:00 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2742
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Thu, 13 May 2021 22:52:18 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame A9B2 25 KB
8 KB 88ms
78ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=450262

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38f1fcc728ce650842d3eee9d9002b659a26cb9ac2be71e2eb0aa5867014640a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VuXnERcaMsodhZ423pzHsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-VuXnERcaMsodhZ423pzHsA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=450262
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 13 May 2021 22:48:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-VuXnERcaMsodhZ423pzHsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-VuXnERcaMsodhZ423pzHsA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=215=fAYdOymGkgjjQ9F4rNU9DTxJZrmUH3fXFXu3cglp6E2_43x3D_S18qVhh2UJT3L6ysAJIuQoAvP_2vnrCX1tFKXhoXkpj3WY4_5WujdTyhuRv9CqkUPHAyB4gDF7T3kgg0t3vHjS3PBs0eo-DuVAShVr_2Zd-b2duCNZBygtyug; expires=Fri, 12-Nov-2021 22:48:00 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 18ms
8ms Other
image/svg+xml 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 21:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 2916
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Thu, 13 May 2021 22:49:24 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 293 B
1 KB 101ms
100ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11324&site_id=37664&zone_id=156954&size_id=15&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Feu.telegram.com%2F&tg_i.adcount=1&tg_i.domain=telegram.com&tg_i.section=home&tk_flint=pbjs_lite_v4.8.0&x_source.tid=f912a215-6faa-498e-aa1b-d099b1f0bf70&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.011863444129393885
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: acc53eeca66905cf6282e40d23021cb7307908a0c7b36e8fbcb229c490a2f5df

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 293
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 141 B
691 B 76ms
76ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F7103%2Fma-worcester-C6718%2Finline_flex%2Fhomepage%7C24b74afaf27a3aa%22%3A%22300x250%22%7D&ref=https%3A%2F%2Feu.telegram.com%2F&s=c6f52bab-a659-4d66-afbb-a31cce4d5075&pv=996e2068-8f68-46c3-9959-7743c97bb6a5&vp=desktop&lib_name=prebid&lib_v=4.8.0&us=5&ius=1&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

e8c0badcaf01e6eedd01a7878bef3cbb9b309674f9728bf17be78da1af2d72d8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 166
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 99ms
98ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
169 B 103ms
103ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 501 homepage;misc=1620946080372;us_privacy=1---; Show response
adserver.adtechus.com/pubapi/3.0/10315.1/8/0/300x250/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/inline_flex/ 0
22 B 426ms
424ms XHR
text/plain 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10315.1/8/0/300x250/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/inline_flex/homepage;misc=1620946080372;us_privacy=1---;
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:00 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://eu.telegram.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 30ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.8.0&cb=52213702638
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:47:59 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
gannett-d.openx.net/w/1.0/ 188 B
369 B 49ms
47ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gannett-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Feu.telegram.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f912a215-6faa-498e-aa1b-d099b1f0bf70&nocache=1620946080374&us_privacy=1---&aus=300x250&divIds=partner-inline-flex-2-container&auid=538809201
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 30e6556c0e680c36521dc30a5fafee60cfa0819460655f6f7f303c7d7d24afa2

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://eu.telegram.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 85ms
85ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3ba96087dca29011c84e882c96282a6cec4081d1e9aa196eef4b3ef1b889d6d3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid: 12cc9d47-330d-43a4-94f5-40b7622bc09e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET entitlements
news.google.com/swg/_/api/v1/publication/telegram.com/ 0
0

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 05D4 33 KB
5 KB 47ms
47ms Stylesheet
text/css 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 1485
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a09836a9c000005f122233000000001
wn: prod-dash-10-0-86-114
last-modified: Wed, 12 May 2021 20:48:34 GMT
server: cloudflare
etag: W/"33843-1620852514000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 64ef6e8a99b105f1-FRA
expires: Fri, 14 May 2021 00:48:00 GMT

GET
H/1.1 200
OK unify-webfonts.css
dispatch-resources.s3.amazonaws.com/dispatch-assets/2020/fonts/ Frame 05D4 6 KB
7 KB 518ms
142ms Stylesheet
text/css 52.216.138.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dispatch-resources.s3.amazonaws.com/dispatch-assets/2020/fonts/unify-webfonts.css
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.138.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d660d79f16aa1c5c6669717c8ef0a70612d54137d31b1c50e02fd29cd9dafc9d

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:01 GMT
Last-Modified: Thu, 19 Mar 2020 20:03:04 GMT
Server: AmazonS3
x-amz-request-id: 906DK98SZHF01PSJ
ETag: "243ad7eb7234591e47d98ef197dd6223"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6569
x-amz-id-2: GEiLjXh/3APgfBuv7pO5vlO4LNegrLJpOdsfxD8mF/kRtoLJnWc6RusFO6EjZc8TXIDLxuLDIs4=

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 05D4 509 KB
143 KB 34ms
33ms Script
text/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.188.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5996062961b290de6f5e449fbcfdc3df354b36605692d9be7e571b91f978e21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1480
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a09836a9c000005f1dfb9d000000001
wn: prod-dash-10-0-92-90
last-modified: Thu, 13 May 2021 01:08:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.001
cache-control: public, max-age=603320
x-optimized-by: _sam
cf-ray: 64ef6e8a99b205f1-FRA
expires: Thu, 20 May 2021 22:23:20 GMT

GET
H2 200 icon-close-24.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/piano/images/icon-close/ Frame 05D4 431 B
723 B 30ms
28ms Image
image/png 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/piano/images/icon-close/icon-close-24.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b46f2e59f77e297e9f9fd0a66c5335865471196d1b904a0cfe4b8cd15facabf

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 630687
x-cache: HIT, HIT
content-length: 431
x-amz-id-2: Z5B8gNYEF+6ErdHFWMfvwgMtcdoJyKjeKTH1rNNXk8dtHUb3S9Pew9i2rLNnjxZuNrya+ZV8mlQ=
x-served-by: cache-bwi5149-BWI, cache-fra19157-FRA
last-modified: Tue, 04 May 2021 18:07:01 GMT
server: AmazonS3
x-timer: S1620946081.503238,VS0,VE1
etag: "826fe22f5f3faed48c05f58c726bf50d"
x-amz-request-id: A5XZNG4W0B0M470V
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/png
x-cache-hits: 5, 1

GET
H2 200 success-icon.png
www.gannett-cdn.com/gannett-web/global/sam/images/success-icon/ Frame 05D4 526 B
1 KB 29ms
28ms Image
image/webp 151.101.14.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/gannett-web/global/sam/images/success-icon/success-icon.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=9V33tWRvZX&templateId=OTQB4YMGRI2N&offerId=fakeOfferId&experienceId=EXTVLW79NJDF&iframeId=offer_c47639d4c09fa517002f-0&displayMode=modal&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3ca2c6ef6222b9fa880c488cd90c4120d025b305006e5e45ae61306a8b8812e6

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Ug+IRw==, md5=0qBICMX3FaXd6zIF+GdtTw==
date: Thu, 13 May 2021 22:48:00 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2463366
x-amz-meta-goog-reserved-file-mtime: 1565019092
x-guploader-uploadid: ABg5-UwJvagZ2veZ9TPZPwcuSBDvUscw4XV43DIPylkQcMlX_ONVRKdnwborJ7A1YDAG7e2XK0HehmMSMHPJGwmkIOwlL6B9rA
x-cache: HIT, HIT
fastly-io-info: ifsz=1306 idim=39x39 ifmt=png ofsz=526 odim=39x39 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 526
x-served-by: cache-bwi5136-BWI, cache-fra19157-FRA
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.243_19-839f779d37ed8f1a9bc30daff531233c
server: UploadServer
x-timer: S1620946081.533716,VS0,VE0
etag: "S0B1J/oz3acocPV9YlGQ3BcQAYfvdUQJJChLP93VnLc"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:31:53 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 7

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame A9B2 21 KB
6 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450262

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2742
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Thu, 13 May 2021 22:52:18 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5B-... Frame A9B2 146 KB
51 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5B-gFR_NtDs_kXSFl4p41_EA798g/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a76fd2d7206486cd72f80c33106d521c63cd5c7cf869c5c0ab908ad2c87d342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 00:51:46 GMT
server: sffe
age: 10848
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52525
x-xss-protection: 0
expires: Fri, 13 May 2022 19:47:12 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame A9B2 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 74698
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 13 May 2022 02:03:02 GMT

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame A9B2 36 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5B-gFR_NtDs_kXSFl4p41_EA798g/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a6117292845afab73b2de4673d5d7559afdffe1ef69fb08a1cb5003220859b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 10620
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13447
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame A9B2 95 KB
32 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI74amyhivC-9LyndN6k0iHexbJ03g/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee55a78068293dd8c4ed978c35e141b9d211314ada6085d55a18dc507cb190d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 10620
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33095
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame A9B2 143 B
173 B 78ms
78ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-5581309101632762607&bl=boq_subscribewithgoogleclientserver_20210512.13_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=2881&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d98057ed4b68fb8d94484308e9c4b522e2911a7aee8c1a36b11bce09931b083

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame A9B2 46 KB
17 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI74amyhivC-9LyndN6k0iHexbJ03g/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0244432d5bd68b595fef41e5257737a038d95848a1fa483c66fb8fdee718d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 10620
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17704
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame A9B2 236 B
183 B 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI74amyhivC-9LyndN6k0iHexbJ03g/m=lwddkf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 10620
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

GET
H3-29 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L... Frame A9B2 796 B
468 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Tl_AGYIXZL0.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.uJDgbMU63qE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,lwddkf,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI74amyhivC-9LyndN6k0iHexbJ03g/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c862d06dbc394d8f64662949c40b019bd661b71381a0485ff7ccf3eaa45786f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 19:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 21:04:37 GMT
server: sffe
age: 10620
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 0
expires: Fri, 13 May 2022 19:51:00 GMT

POST
H2 200 log Show response
play.google.com/ Frame A9B2 131 B
381 B 40ms
39ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 13 May 2021 22:48:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 96ms
95ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f7b599b5c519cb81ae695b83854fa19bd5d1f75efa694d1397ccd9475104ea6d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid: 437b638a-7c64-4686-a29f-a1925d876595
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
gannett-d.openx.net/w/1.0/ 188 B
366 B 44ms
43ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gannett-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Feu.telegram.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e2ccac53-04bf-484b-96a1-7d40b11ede1b&nocache=1620946080804&us_privacy=1---&aus=300x250&divIds=partner-inline-flex-3-container&auid=538809201
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 518b76f2c9bc13dab833d942ac4024afe2c7f86532a0ebd42e36d4f83f6ec90b

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:00 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://eu.telegram.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 501 homepage;misc=1620946080804;us_privacy=1---; Show response
adserver.adtechus.com/pubapi/3.0/10315.1/8/0/300x250/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/inline_flex/ 0
45 B 449ms
449ms XHR
text/plain 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10315.1/8/0/300x250/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/inline_flex/homepage;misc=1620946080804;us_privacy=1---;
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:01 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://eu.telegram.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 69ms
69ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:47:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 293 B
1 KB 117ms
116ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11324&site_id=37664&zone_id=156954&size_id=15&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Feu.telegram.com%2F&tg_i.adcount=2&tg_i.domain=telegram.com&tg_i.section=home&tk_flint=pbjs_lite_v4.8.0&x_source.tid=e2ccac53-04bf-484b-96a1-7d40b11ede1b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9949125638509175
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2f3eb90ad60f1d50eab2558237637b1299106baadeffa94f0c2c82528d0da983

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 293
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
169 B 109ms
109ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 29ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.8.0&cb=49409884486
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 141 B
691 B 57ms
57ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F7103%2Fma-worcester-C6718%2Finline_flex%2Fhomepage%7C52600b74d58c5f9%22%3A%22300x250%22%7D&ref=https%3A%2F%2Feu.telegram.com%2F&s=ed11a792-2d02-4451-a3cc-56a045579760&pv=996e2068-8f68-46c3-9959-7743c97bb6a5&vp=desktop&lib_name=prebid&lib_v=4.8.0&us=5&ius=1&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

99d9734440f7eb9c4d429d3951fd3ce27561f7e9068809b14e28e4084dbe174c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:00 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 166
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 nr-spa-1044.min.js Show response
js-agent.newrelic.com/ 30 KB
12 KB 85ms
28ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1044.min.js
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "ecc4d675754da137f5dacbc99541e133"
x-amz-request-id: HGJVRFAHVVD788B6
x-cache: HIT
content-length: 11929
x-amz-id-2: gHTWpNcfcGps6epJ/+hiCklslBnS/HAcS0X+qKKpDB9fs0pvL6uDjeWc8dUm1Pi6Gf/gYX+EGus=
x-served-by: cache-hhn4078-HHN
last-modified: Wed, 28 Feb 2018 23:35:17 GMT
server: AmazonS3
x-timer: S1620946081.057349,VS0,VE0
date: Thu, 13 May 2021 22:48:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 12

POST trackShow
buy.tinypass.com/checkout/template/ Frame 05D4 0
0

GET
H2 200 logAutoMicroConversion Show response
api-v3.tinypass.com/api/v3/conversion/ 53 B
316 B 149ms
142ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?tracking_id=%7Bjcx%7DH4sIAAAAAAAAAI2Ry26DMBRE_8XrIPkFAXZUpc27LSEkzc6QG-KKGAKG9KH-ewE1rSJ10c2VfM_M2Bp_ICF3yEVOxJheB812gwaoEClEEs7jjlBMiYFNg3ADY4Pb3cQWM3xv4pdLb_2IlT97H4UGjYE7sb3fiyEFRjCOgZocGBM22BxoGwyvBZQSVAJ9tL8Jo9l66Cwmt3dX1H-FpNYyV72M2NhMT_h4SNq7MaZ1PNSOfcKNlb_sWJxYrEzyK7-X_JirQ34O4VhkQsOKBcF2NfKXUz72p_PWchDVBSJXlzUMkP4-9-6H8OmGP8_vgzFdoF8WiVIKpTuJqrNsgBJxLIRMVXVZNLKSPUeN8XeDpjGLuFoWm1PmvE1UG_2fBmXRfYnAxOV72yUOdU1OuOt2rK6g9FJQupXszkn3Xp0hl1iUYEa5jT-_AHebOc3uAQAA&event_type=EXTERNAL_EVENT&event_group_id=close&custom_params=%7B%7D&callback=jsonpCallback&_=1620946080001

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb16b0e3a7ffeb4568d9fc1a2d5b98f5a6f669ed950125530b0cc7dfecd68367

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a09836d03000005f110bce000000001
x-request-id: C10i2tqUeme
pragma: no-cache
wn: prod-api-10-0-80-49
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 64ef6e8e6f5905f1-FRA
expires: 0

GET
H/1.1 200
OK b7ac0e2ada Show response
bam.nr-data.net/1/ 57 B
275 B 528ms
132ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/b7ac0e2ada?a=20128261&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=2467&ref=https://eu.telegram.com/&be=284&fe=2363&dc=737&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1620946078622,%22n%22:0,%22f%22:141,%22dn%22:141,%22dne%22:141,%22c%22:141,%22s%22:156,%22ce%22:200,%22rq%22:200,%22rp%22:228,%22rpe%22:251,%22dl%22:232,%22di%22:330,%22ds%22:737,%22de%22:737,%22dc%22:2362,%22l%22:2363,%22le%22:2363%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-spa-1044.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 501 homepage;misc=1620946081256;us_privacy=1---; Show response
adserver.adtechus.com/pubapi/3.0/10315.1/8/0/728x90/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/leaderboard_btf/ 0
22 B 442ms
441ms XHR
text/plain 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10315.1/8/0/728x90/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/leaderboard_btf/homepage;misc=1620946081256;us_privacy=1---;
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:01 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://eu.telegram.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 144 B
781 B 61ms
60ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F7103%2Fma-worcester-C6718%2Fleaderboard_btf%2Fhomepage%7C5635de94c17ed6%22%3A%22728x90%22%7D&ref=https%3A%2F%2Feu.telegram.com%2F&s=578aa834-8ac8-4d51-9323-a92b06859d88&pv=996e2068-8f68-46c3-9959-7743c97bb6a5&vp=desktop&lib_name=prebid&lib_v=4.8.0&us=5&ius=1&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

75113834959f674124ab61fd1b5f11d040a509bd019f083d5043d164e92aca02

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 169
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 292 B
1 KB 124ms
123ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11324&site_id=37664&zone_id=156954&size_id=2&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Feu.telegram.com%2F&tg_i.adcount=1&tg_i.domain=telegram.com&tg_i.section=home&tk_flint=pbjs_lite_v4.8.0&x_source.tid=e0b401d2-3857-46de-9b40-9bc4d92b76a1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.009088815474005196
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 010c5e198fdecb19624877f27bc19d9d7620b7a37b2636ddc594a9ea5de53780

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:01 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 292
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
gannett-d.openx.net/w/1.0/ 188 B
366 B 45ms
44ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gannett-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Feu.telegram.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e0b401d2-3857-46de-9b40-9bc4d92b76a1&nocache=1620946081259&us_privacy=1---&aus=728x90&divIds=partner-leaderboard-btf-4-container&auid=540401032
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 86989b92a4178992b9810d886d66561dbee0a7531175cd3ef8a563f739d6925d

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:01 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://eu.telegram.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 30ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.8.0&cb=77077695423
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 76ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
169 B 110ms
109ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 82 KB
27 KB 68ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:01 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 10:39:22 GMT
server: nginx
etag: W/"60990d5a-14816"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 14 May 2021 22:48:01 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3732 0
149 B 43ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eu.telegram.com&gdpr=1&gdpr_consent=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=eu.telegram.com&gdpr=1&gdpr_consent=CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 475
date: Thu, 13 May 2021 22:48:00 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 82 KB
27 KB 65ms
22ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:01 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 10:39:22 GMT
server: nginx
etag: W/"60990d5a-14816"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 14 May 2021 22:48:01 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
476 B 96ms
95ms XHR
application/json 3.121.66.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.8.0&referrer=https%3A%2F%2Feu.telegram.com%2F&tmax=1600&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.66.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-66-29.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:01 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://eu.telegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 74ms
74ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 313 B
1 KB 100ms
99ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11324&site_id=37664&zone_id=156954&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Feu.telegram.com%2F&tg_i.adcount=1&tg_i.domain=telegram.com&tg_i.section=home&tk_flint=pbjs_lite_v4.8.0&x_source.tid=cc28dbc2-5ef3-408c-9530-ef774ee1eebf&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5369902258978565
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f6cee7f3e0f731e5ba1bb76e7a98827d5458aafe1c5e9ef42a0fc2b39f28db12

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:01 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 313
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
gannett-d.openx.net/w/1.0/ 188 B
366 B 44ms
44ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gannett-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Feu.telegram.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cc28dbc2-5ef3-408c-9530-ef774ee1eebf%2Ccc28dbc2-5ef3-408c-9530-ef774ee1eebf&nocache=1620946081702&us_privacy=1---&aus=300x600%2C300x250%7C300x600%2C300x250&divIds=partner-poster-front-5-container%2Cpartner-poster-front-5-container&auid=538809202%2C538809201
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: c2c90f174faf5817f4b5b48a50c9d0a9054f6bfbe3589887b3c25a7b55cc4bea

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:01 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://eu.telegram.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 32ms
31ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=107&profileId=185&av=32&wv=4.8.0&cb=53365321687
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:01 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 501 homepage;misc=1620946081705;us_privacy=1---; Show response
adserver.adtechus.com/pubapi/3.0/10315.1/8/0/300x600/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/poster_front/ 0
45 B 450ms
449ms XHR
text/plain 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10315.1/8/0/300x600/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/poster_front/homepage;misc=1620946081705;us_privacy=1---;
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:02 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://eu.telegram.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 142 B
692 B 145ms
145ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F7103%2Fma-worcester-C6718%2Fposter_front%2Fhomepage%7C8137c134c5f0357%22%3A%22300x600%2C300x250%22%7D&ref=https%3A%2F%2Feu.telegram.com%2F&s=f58b7d76-500e-4d5a-816f-e75e0e16876d&pv=996e2068-8f68-46c3-9959-7743c97bb6a5&vp=desktop&lib_name=prebid&lib_v=4.8.0&us=5&ius=1&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a91c7e526a9ef03853c5a4ec691b943c61f877288475a70e4dc5c52136085da5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 167
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
169 B 104ms
103ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:01 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 258 B
1 KB 125ms
125ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

bc6326ce79db5e9c8949c9dd5b03ac39ede09ff1d1b547a8479cf49067030dd3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:01 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid: dbe2e804-a45a-47d8-953b-f32883618c6f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 258
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
145 B 29ms
29ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:01 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
gannett-d.openx.net/w/1.0/ 188 B
365 B 46ms
46ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gannett-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Feu.telegram.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9c1e85c8-e98b-460e-bdd0-14d87de5c065%2C9c1e85c8-e98b-460e-bdd0-14d87de5c065&nocache=1620946082157&us_privacy=1---&aus=300x600%2C300x250%7C300x600%2C300x250&divIds=partner-poster-scroll-front-6-container%2Cpartner-poster-scroll-front-6-container&auid=538809202%2C538809201
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 62e620e1fcb9b72eae562be487140b14e1d3f9847f5185b5d158eb88bba7ab3e

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:02 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://eu.telegram.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 501 homepage;misc=1620946082158;us_privacy=1---; Show response
adserver.adtechus.com/pubapi/3.0/10315.1/8/0/300x600/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/poster_scroll_front/ 0
22 B 449ms
449ms XHR
text/plain 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10315.1/8/0/300x600/ADTECH;v=2;cmd=bid;cors=yes;alias=/7103/ma-worcester-C6718/poster_scroll_front/homepage;misc=1620946082158;us_privacy=1---;
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:02 GMT
server: nginx
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://eu.telegram.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 313 B
1 KB 104ms
104ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11324&site_id=37664&zone_id=156954&size_id=15&alt_size_ids=10&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Feu.telegram.com%2F&tg_i.adcount=1&tg_i.domain=telegram.com&tg_i.section=home&tk_flint=pbjs_lite_v4.8.0&x_source.tid=9c1e85c8-e98b-460e-bdd0-14d87de5c065&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.12207276184570137
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 625afddd911697606ed5d0232312d53fbb7f88a8cf3934e54cb4cdf7f7835ef9

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 313
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 71ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
476 B 88ms
88ms XHR
application/json 3.121.66.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.8.0&referrer=https%3A%2F%2Feu.telegram.com%2F&tmax=1600&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.66.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-66-29.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:02 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://eu.telegram.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
169 B 103ms
103ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:02 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 262 B
1 KB 97ms
97ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d1e2230301e13ba6fe204946a6b854df1e6d34081271252a52c80c0536b24ca8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:02 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.41:80
AN-X-Request-Uuid: 1c194598-009f-4b43-b5c6-bc1b44a8b981
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 262
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No content hb Show response
sofia.trustx.org/ 0
369 B 380ms
126ms XHR
text/html 35.211.168.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sofia.trustx.org/hb?pt=net&auids=20941%2C20941&sizes=300x600%2C300x250&r=105857dfc70d8a82&wrapperType=Prebid_js&wrapperVersion=4.8.0&keywords=%5B%7B%22key%22%3A%22topic%22%2C%22value%22%3A%5B%5D%7D%2C%7B%22key%22%3A%22brandsafety%22%2C%22value%22%3A%5B%5D%7D%5D&u=https%3A%2F%2Feu.telegram.com%2F&wtimeout=1600&us_privacy=1---
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 13 May 2021 22:48:02 GMT
Server: nginx
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 150 B
700 B 62ms
61ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F7103%2Fma-worcester-C6718%2Fposter_scroll_front%2Fhomepage%7C1096a0a0d54a7a8a%22%3A%22300x600%2C300x250%22%7D&ref=https%3A%2F%2Feu.telegram.com%2F&s=e6c782a0-8bc2-463f-854a-cc1c7363c4d8&pv=996e2068-8f68-46c3-9959-7743c97bb6a5&vp=desktop&lib_name=prebid&lib_v=4.8.0&us=5&ius=1&us_privacy=1---

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c0ca5a42a5495b3071dd04bad5a9207f9863a889bb7b795a733df120f30eb3b2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://eu.telegram.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 175
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 30ms
30ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=107&profileId=185&av=32&wv=4.8.0&cb=79609674913
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:01 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK b7ac0e2ada Show response
bam.nr-data.net/events/1/ 24 B
182 B 257ms
257ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/b7ac0e2ada?a=20128261&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=3546&ref=https://eu.telegram.com/
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://eu.telegram.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

POST
H2 204 events
bidder.criteo.com/csm/ 0
145 B 29ms
29ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://eu.telegram.com
date: Thu, 13 May 2021 22:48:01 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK any Show response
idx.liadm.com/idex/prebid/ 68 B
548 B 120ms
120ms XHR
application/json 52.44.181.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?us_privacy=1---&gup_anonid=44198be2-b43d-11eb-aa1a-b2a682172c97

Requested by

Host: eu.telegram.com
URL: https://eu.telegram.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.181.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-181-48.compute-1.amazonaws.com

Software

Resource Hash

ebc550603833b8ed6756199f8853e369966715bbc591f17b951ea2000be46e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 13 May 2021 22:48:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://eu.telegram.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
trace-id: be845bb466e2ac7f
Content-Length: 68

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6057 38 KB
14 KB 78ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97061
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F0B3 38 KB
14 KB 77ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97061
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5D5B 281 B
554 B 73ms
23ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KONHFZZ2-1M-7CWW; rsid=1|CdSsIlYD4v+QW2i8kcdyDE/csJlhKb+t03RRUZWfOgZ1qOqWPGrxQcTya9WQi+HKKRWt2jyoYTD2eRWdAyD4Wwn1rWxbuVEZ+xAvac7RQXIhonWoCc9eObX5TM/cWQ3bVdSf+hE=; ses2=; ses15=; vis2=37664^2; vis15=37664^4; audit=1|0o8zzNO5o4Y9alxNKRvNdSD7U453ZmNH4RgscivlZgf6NfR0nQ6rUsbfsBg0fmAHQOOnEIDCqqKAF7qA5WC/AP0d3Bv3dSen
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 1742 668 B
730 B 44ms
42ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: ed00fc308690979b81792ce95914a990af53c140ec6029c2ce6d5893188afe87

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079; Version=1; Expires=Fri, 13-May-2022 22:48:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620946083|gekin0vNiygu; Version=1; Expires=Fri, 28-May-2021 22:48:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 sync Show response
eb2.3lift.com/ Frame E581 1 KB
1 KB 97ms
30ms Document
text/html 3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba9bb9563c62fb0665a5f35d5777e4ac2d09496fd946cef7203166487057a9d2

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=3589570784207314902
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html; charset=utf-8
content-length: 478
set-cookie: sync=CgoIgQIQib2pv5YvCgoIkQIQib2pv5YvCgoI4gEQib2pv5YvCgoIkgIQib2pv5YvCgoI5gEQib2pv5YvCgoIhwIQib2pv5YvCgkIOhCJvam_li8KCQgLEIm9qb-WLwoJCF8Qib2pv5YvCgkIHxCJvam_li8=; Max-Age=7776000; Expires=Wed, 11 Aug 2021 22:48:03 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=3589570784207314902; Max-Age=7776000; Expires=Wed, 11 Aug 2021 22:48:03 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1

200
OK

1035847.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame A2BE
Redirect Chain

https://sync.serverbid.com/ss/1035847.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

5 KB
5 KB

867ms
29ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b88b894dbc9e1d6503532dbdd069278c6b7921abc55e9abfb5599dc1324d0794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Date: Thu, 13 May 2021 22:48:04 GMT
Connection: Keep-Alive
Cache-Control: max-age=76628
Content-Length: 4895
Content-Type: text/html
Last-Modified: Fri, 18 Dec 2020 15:52:38 GMT
Accept-Ranges: bytes
etag: "47e2a53308806c0e0ce6bb0374d4be18"
x-amz-request-id: tx00000000000000eb926dc-00609d850b-4d842b1-nyc3a
age: 364
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1620946084.dop006.fr8.t,1620946084.cds227.fr8.shn,1620946084.dop006.fr8.t,1620946084.cds010.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
cache-control: no-cache

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame A39D 668 B
718 B 44ms
44ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: ed00fc308690979b81792ce95914a990af53c140ec6029c2ce6d5893188afe87

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079; Version=1; Expires=Fri, 13-May-2022 22:48:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620946083|gekin0vNiygu; Version=1; Expires=Fri, 28-May-2021 22:48:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 542D 38 KB
14 KB 79ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97061
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame E744 668 B
718 B 43ms
42ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: ed00fc308690979b81792ce95914a990af53c140ec6029c2ce6d5893188afe87

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079; Version=1; Expires=Fri, 13-May-2022 22:48:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620946083|gekin0vNiygu; Version=1; Expires=Fri, 28-May-2021 22:48:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1

200
OK

1035847.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame CE77
Redirect Chain

https://sync.serverbid.com/ss/1035847.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

5 KB
5 KB

896ms
28ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b88b894dbc9e1d6503532dbdd069278c6b7921abc55e9abfb5599dc1324d0794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Date: Thu, 13 May 2021 22:48:04 GMT
Connection: Keep-Alive
Cache-Control: max-age=76628
Content-Length: 4895
Content-Type: text/html
Last-Modified: Fri, 18 Dec 2020 15:52:38 GMT
Accept-Ranges: bytes
etag: "47e2a53308806c0e0ce6bb0374d4be18"
x-amz-request-id: tx00000000000000eb926dc-00609d850b-4d842b1-nyc3a
age: 364
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1620946084.dop006.fr8.t,1620946084.cds227.fr8.shn,1620946084.dop006.fr8.t,1620946084.cds010.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
cache-control: no-cache

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9D50 52 KB
17 KB 92ms
39ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=8508457202069849777; icu=ChgIxaw4EAoYBSAFKAUwotn2hAY4BUAFSAUQotn2hAYYBA..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 14 May 2021 22:48:05 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive

GET
H/1.1

200
OK

1035847.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 0C3A
Redirect Chain

https://sync.serverbid.com/ss/1035847.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

5 KB
5 KB

925ms
28ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b88b894dbc9e1d6503532dbdd069278c6b7921abc55e9abfb5599dc1324d0794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Date: Thu, 13 May 2021 22:48:04 GMT
Connection: Keep-Alive
Cache-Control: max-age=76628
Content-Length: 4895
Content-Type: text/html
Last-Modified: Fri, 18 Dec 2020 15:52:38 GMT
Accept-Ranges: bytes
etag: "47e2a53308806c0e0ce6bb0374d4be18"
x-amz-request-id: tx00000000000000eb926dc-00609d850b-4d842b1-nyc3a
age: 364
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1620946084.dop006.fr8.t,1620946084.cds227.fr8.shn,1620946084.dop006.fr8.t,1620946084.cds010.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
cache-control: no-cache

GET
H/1.1

200
OK

1035847.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame F1D0
Redirect Chain

https://sync.serverbid.com/ss/1035847.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

5 KB
5 KB

955ms
28ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b88b894dbc9e1d6503532dbdd069278c6b7921abc55e9abfb5599dc1324d0794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Date: Thu, 13 May 2021 22:48:04 GMT
Connection: Keep-Alive
Cache-Control: max-age=76628
Content-Length: 4895
Content-Type: text/html
Last-Modified: Fri, 18 Dec 2020 15:52:38 GMT
Accept-Ranges: bytes
etag: "47e2a53308806c0e0ce6bb0374d4be18"
x-amz-request-id: tx00000000000000eb926dc-00609d850b-4d842b1-nyc3a
age: 364
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1620946084.dop006.fr8.t,1620946084.cds227.fr8.shn,1620946084.dop006.fr8.t,1620946084.cds010.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
cache-control: no-cache

GET
H2 200 sync Show response
eb2.3lift.com/ Frame FED8 1 KB
1 KB 88ms
29ms Document
text/html 3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba9bb9563c62fb0665a5f35d5777e4ac2d09496fd946cef7203166487057a9d2

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=3589570784207314902
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html; charset=utf-8
content-length: 478
set-cookie: sync=CgoIgQIQib2pv5YvCgoIkQIQib2pv5YvCgoI4gEQib2pv5YvCgoIkgIQib2pv5YvCgoI5gEQib2pv5YvCgoIhwIQib2pv5YvCgkIOhCJvam_li8KCQgLEIm9qb-WLwoJCF8Qib2pv5YvCgkIHxCJvam_li8=; Max-Age=7776000; Expires=Wed, 11 Aug 2021 22:48:03 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=3589570784207314902; Max-Age=7776000; Expires=Wed, 11 Aug 2021 22:48:03 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 17D0 52 KB
17 KB 77ms
27ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=8508457202069849777; icu=ChgIxaw4EAoYBSAFKAUwotn2hAY4BUAFSAUQotn2hAYYBA..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 14 May 2021 22:48:05 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 35A0 52 KB
17 KB 77ms
28ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=8508457202069849777; icu=ChgIxaw4EAoYBSAFKAUwotn2hAY4BUAFSAUQotn2hAYYBA..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 14 May 2021 22:48:05 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 0C5E 1 KB
1 KB 86ms
29ms Document
text/html 3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba9bb9563c62fb0665a5f35d5777e4ac2d09496fd946cef7203166487057a9d2

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?us_privacy=1---&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=3589570784207314902
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html; charset=utf-8
content-length: 478
set-cookie: sync=CgoIgQIQib2pv5YvCgoIkQIQib2pv5YvCgoI4gEQib2pv5YvCgoIkgIQib2pv5YvCgoI5gEQib2pv5YvCgoIhwIQib2pv5YvCgkIOhCJvam_li8KCQgLEIm9qb-WLwoJCF8Qib2pv5YvCgkIHxCJvam_li8=; Max-Age=7776000; Expires=Wed, 11 Aug 2021 22:48:03 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=3589570784207314902; Max-Age=7776000; Expires=Wed, 11 Aug 2021 22:48:03 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 103E 668 B
718 B 44ms
43ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: ed00fc308690979b81792ce95914a990af53c140ec6029c2ce6d5893188afe87

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079; Version=1; Expires=Fri, 13-May-2022 22:48:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620946083|gekin0vNiygu; Version=1; Expires=Fri, 28-May-2021 22:48:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E129 52 KB
17 KB 87ms
39ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=8508457202069849777; icu=ChgIxaw4EAoYBSAFKAUwotn2hAY4BUAFSAUQotn2hAYYBA..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 14 May 2021 22:48:05 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 01F4 38 KB
14 KB 73ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97061
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 5B3A 668 B
718 B 43ms
43ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: ed00fc308690979b81792ce95914a990af53c140ec6029c2ce6d5893188afe87

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.telegram.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=0ea6643b-f4a9-0df2-0129-e59f71b20039|1620946079; Version=1; Expires=Fri, 13-May-2022 22:48:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620946083|gekin0vNiygu; Version=1; Expires=Fri, 28-May-2021 22:48:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.207.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 198A 38 KB
14 KB 75ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97061
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A647 52 KB
17 KB 85ms
39ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=8508457202069849777; icu=ChgIxaw4EAoYBSAFKAUwotn2hAY4BUAFSAUQotn2hAYYBA..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 14 May 2021 22:48:05 GMT
Date: Thu, 13 May 2021 22:48:03 GMT
Connection: keep-alive

GET
H/1.1

200
OK

1035847.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 776D
Redirect Chain

https://sync.serverbid.com/ss/1035847.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

5 KB
5 KB

985ms
28ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b88b894dbc9e1d6503532dbdd069278c6b7921abc55e9abfb5599dc1324d0794

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://eu.telegram.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eu.telegram.com/

Response headers

Date: Thu, 13 May 2021 22:48:04 GMT
Connection: Keep-Alive
Cache-Control: max-age=76628
Content-Length: 4895
Content-Type: text/html
Last-Modified: Fri, 18 Dec 2020 15:52:38 GMT
Accept-Ranges: bytes
etag: "47e2a53308806c0e0ce6bb0374d4be18"
x-amz-request-id: tx00000000000000eb926dc-00609d850b-4d842b1-nyc3a
age: 364
strict-transport-security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1620946084.dop006.fr8.t,1620946084.cds227.fr8.shn,1620946084.dop006.fr8.t,1620946084.cds010.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
cache-control: no-cache

GET
H/1.1 204
No content push_sync
sofia.trustx.org/ 0
275 B 126ms
125ms Image
text/html 35.211.168.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sofia.trustx.org/push_sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:03 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1742
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7447609d-aca3-4100-8c94-4c23cb221313

43 B
106 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7447609d-aca3-4100-8c94-4c23cb221313
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 13 May 2021 22:48:03 GMT
Server: MT3 3736 915c305 master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7447609d-aca3-4100-8c94-4c23cb221313
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 May 2021 22:48:02 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1742
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=ehYlLS1FfXphEHl5dBcxcH1CeS1hFi5_eB99G8tP

43 B
106 B

44ms
43ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=ehYlLS1FfXphEHl5dBcxcH1CeS1hFi5_eB99G8tP
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=ehYlLS1FfXphEHl5dBcxcH1CeS1hFi5_eB99G8tP
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 1742
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4789977084129649321

43 B
106 B

46ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4789977084129649321
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4789977084129649321
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 1742 70 B
264 B 60ms
59ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=dd0a5b62-5d2e-3205-5bff-2d77159533c4&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1742
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

170 B
188 B

68ms
35ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1742
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG9afWNQMvelUmID8dMrRVM&google_cver=1

43 B
106 B

45ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG9afWNQMvelUmID8dMrRVM&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEG9afWNQMvelUmID8dMrRVM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A39D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b5a3609d-aca3-4300-86a8-b4a9db451399

43 B
106 B

42ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b5a3609d-aca3-4300-86a8-b4a9db451399
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 13 May 2021 22:48:03 GMT
Server: MT3 3736 915c305 master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b5a3609d-aca3-4300-86a8-b4a9db451399
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 May 2021 22:48:02 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A39D
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=N6nPYWD6lzYsr5M1N_zbZDCsl2MsqcI3M6tetd4m

43 B
106 B

44ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=N6nPYWD6lzYsr5M1N_zbZDCsl2MsqcI3M6tetd4m
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=N6nPYWD6lzYsr5M1N_zbZDCsl2MsqcI3M6tetd4m
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A39D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9175981332745913064

43 B
106 B

45ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9175981332745913064
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9175981332745913064
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A39D 70 B
264 B 59ms
58ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=dd0a5b62-5d2e-3205-5bff-2d77159533c4&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A39D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

170 B
188 B

58ms
37ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A39D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECD-WicakzIEFNcn2Z12Vzc&google_cver=1

43 B
106 B

48ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECD-WicakzIEFNcn2Z12Vzc&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECD-WicakzIEFNcn2Z12Vzc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E744
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ea2b609d-aca3-4f00-afe2-93ea60935240

43 B
106 B

42ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ea2b609d-aca3-4f00-afe2-93ea60935240
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 13 May 2021 22:48:03 GMT
Server: MT3 3736 915c305 master zrh-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ea2b609d-aca3-4f00-afe2-93ea60935240
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 May 2021 22:48:02 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E744
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oNNv7_eAN7i71TLupYV7vaPXZ-67gGa989YvENn2

43 B
106 B

44ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oNNv7_eAN7i71TLupYV7vaPXZ-67gGa989YvENn2
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=oNNv7_eAN7i71TLupYV7vaPXZ-67gGa989YvENn2
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E744
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8781643169251435430

43 B
106 B

47ms
44ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8781643169251435430
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8781643169251435430
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame E744 70 B
264 B 60ms
58ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=dd0a5b62-5d2e-3205-5bff-2d77159533c4&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E744
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

170 B
188 B

65ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E744
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbK9i0IaC_s6d2W_8XBk9M&google_cver=1

43 B
106 B

49ms
45ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbK9i0IaC_s6d2W_8XBk9M&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJbK9i0IaC_s6d2W_8XBk9M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 103E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=49cb609d-aca3-4300-b698-d9fdd5589988

43 B
106 B

41ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=49cb609d-aca3-4300-b698-d9fdd5589988
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 13 May 2021 22:48:03 GMT
Server: MT3 3736 915c305 master zrh-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=49cb609d-aca3-4300-b698-d9fdd5589988
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 May 2021 22:48:02 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 103E
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bi6nWjl9_w11KPsObXuzWG0vrlh1LK8Ia3_NeCtd

43 B
106 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bi6nWjl9_w11KPsObXuzWG0vrlh1LK8Ia3_NeCtd
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=bi6nWjl9_w11KPsObXuzWG0vrlh1LK8Ia3_NeCtd
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 103E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3999295349391099040

43 B
106 B

45ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3999295349391099040
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3999295349391099040
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 103E 70 B
264 B 60ms
59ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=dd0a5b62-5d2e-3205-5bff-2d77159533c4&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 103E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

170 B
188 B

58ms
37ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 103E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL72Ex7nHGm_d5xrf9eggVU&google_cver=1

43 B
106 B

44ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL72Ex7nHGm_d5xrf9eggVU&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL72Ex7nHGm_d5xrf9eggVU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5B3A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6a4c609d-aca3-4800-9169-c7fa9df54ff3

43 B
106 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6a4c609d-aca3-4800-9169-c7fa9df54ff3
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 13 May 2021 22:48:03 GMT
Server: MT3 3736 915c305 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6a4c609d-aca3-4800-9169-c7fa9df54ff3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 May 2021 22:48:02 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5B3A
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0NHyzoeCqpnL16_MgtfmzIOF-c_L1_qZgNZZm4XL

43 B
122 B

43ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0NHyzoeCqpnL16_MgtfmzIOF-c_L1_qZgNZZm4XL
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0NHyzoeCqpnL16_MgtfmzIOF-c_L1_qZgNZZm4XL
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5B3A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3686206820970496617

43 B
106 B

47ms
44ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3686206820970496617
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3686206820970496617
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 5B3A 70 B
264 B 59ms
58ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=dd0a5b62-5d2e-3205-5bff-2d77159533c4&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5B3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

170 B
188 B

57ms
36ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjE2NTg4YTgtOTQ1OS02Y2ExLTRlMWYtNzdjZWRmNzdmZGE0&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5B3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDOsVRJ7Ec0NTa3epIVVC_I&google_cver=1

43 B
106 B

45ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDOsVRJ7Ec0NTa3epIVVC_I&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=5ca1d242-e9ea-44e8-a515-7909b1c129dc&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDOsVRJ7Ec0NTa3epIVVC_I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5D5B 30 KB
9 KB 29ms
28ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47242
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9238
Expires: Fri, 14 May 2021 11:55:25 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F0B3 3 KB
3 KB 113ms
38ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58686845&p=57752&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 731ca2cba5c356a50f8649dd9b59585ffdcf3f310730c701116c465b1231895e

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FED8 70 B
264 B 60ms
59ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame FED8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMNOFGmQo52eZNP3Vdk3GMw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

35ms
29ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMNOFGmQo52eZNP3Vdk3GMw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMNOFGmQo52eZNP3Vdk3GMw&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame FED8
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame FED8 42 B
465 B 52ms
28ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3589570784207314902&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:02 GMT
etag: "506f5bd17ad71:0"
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref: Ref A: 3392E791FF9D4D2F84218464F6C84A76 Ref B: FRAEDGE1507 Ref C: 2021-05-13T22:48:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame FED8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3589570784207314902?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ndg5i4tE2oRyGduQWfu0itNRN7t_YxE11.PwV5TxRg--~A&dongle=0883

37 B
352 B

32ms
31ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ndg5i4tE2oRyGduQWfu0itNRN7t_YxE11.PwV5TxRg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 13 May 2021 22:48:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ndg5i4tE2oRyGduQWfu0itNRN7t_YxE11.PwV5TxRg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FED8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

31ms
30ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:03 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.41:80
AN-X-Request-Uuid: 608890f3-3815-47e6-8701-69687731860e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame FED8
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3589570784207314902
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t

0
0

362ms
120ms

Image
text/html

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:04 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame FED8
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

29ms
29ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Thu, 13 May 2021 22:48:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame FED8 0
0 69ms
32ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3589570784207314902
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame FED8 0
0 97ms
31ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3589570784207314902
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0C5E 70 B
264 B 60ms
56ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 0C5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEB9SYIJGSx2LTT1c3pwKXg8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

34ms
30ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEB9SYIJGSx2LTT1c3pwKXg8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEB9SYIJGSx2LTT1c3pwKXg8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 0C5E
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame 0C5E 42 B
249 B 50ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3589570784207314902&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:02 GMT
etag: "506f5bd17ad71:0"
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref: Ref A: 046FEE3BCB4A40D58D1D3D46AFCAE245 Ref B: FRAEDGE1507 Ref C: 2021-05-13T22:48:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 0C5E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3589570784207314902?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-YYSB7_FE2oRw9hlFZ7Q2bc8XrVaNybY6l06Z.aHbmQ--~A&dongle=0883

37 B
352 B

31ms
31ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-YYSB7_FE2oRw9hlFZ7Q2bc8XrVaNybY6l06Z.aHbmQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 13 May 2021 22:48:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-YYSB7_FE2oRw9hlFZ7Q2bc8XrVaNybY6l06Z.aHbmQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 0C5E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

30ms
30ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:03 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.40:80
AN-X-Request-Uuid: 53b9cccc-1199-40ae-bc0b-77d1c21d5440
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 0C5E
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3589570784207314902
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t

0
0

430ms
145ms

Image
text/html

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:04 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 0C5E
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

29ms
29ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Thu, 13 May 2021 22:48:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 0C5E 0
0 228ms
32ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3589570784207314902
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 0C5E 0
0 2126ms
32ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3589570784207314902
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E581 70 B
264 B 59ms
58ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame E581
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPQmAZ22Hrxx74JYWwS7EYk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

32ms
29ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPQmAZ22Hrxx74JYWwS7EYk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPQmAZ22Hrxx74JYWwS7EYk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E581
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

170 B
188 B

35ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzU4OTU3MDc4NDIwNzMxNDkwMg%3D%3D
date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame E581 42 B
247 B 43ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=3589570784207314902&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:02 GMT
etag: "506f5bd17ad71:0"
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref: Ref A: 6C41FE0AF1444674966055D67AA794CB Ref B: FRAEDGE1507 Ref C: 2021-05-13T22:48:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame E581
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/3589570784207314902?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-P9Ulv7dE2oSDupRi0r86FLeWAfDDCtxMK.XFWZNDtQ--~A&dongle=0883

37 B
352 B

31ms
30ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-P9Ulv7dE2oSDupRi0r86FLeWAfDDCtxMK.XFWZNDtQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 13 May 2021 22:48:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-P9Ulv7dE2oSDupRi0r86FLeWAfDDCtxMK.XFWZNDtQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E581
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

31ms
31ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:10 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: 42e7ea70-0b97-47f9-90ac-11242d3c04ab
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=8508457202069849777&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame E581
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=3589570784207314902
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t

0
0

3227ms
148ms

Image
text/html

52.46.130.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:04 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=3589570784207314902&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E581
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

29ms
29ms

Image
image/gif

3.124.79.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.79.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Thu, 13 May 2021 22:48:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame E581 0
0 7177ms
32ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=3589570784207314902
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame E581 0
0 7177ms
33ms Image
text/html 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=3589570784207314902
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 8DA5 35 B
468 B 34ms
34ms Document
image/gif 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=20DE3B59-0789-40C7-AC9C-7188397253B0

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=20DE3B59-0789-40C7-AC9C-7188397253B0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:03 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=5848873883625644392; expires=Mon, 12 Jul 2021 22:48:03 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame 792E 35 B
134 B 140ms
44ms Document
image/gif 213.155.156.185
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.185 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame D386 43 B
304 B 353ms
33ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Thu, 13 May 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1420
date: Thu, 13 May 2021 22:48:02 GMT
content-length: 43

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F0B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IN47WQeJQMesnHGIOXJTsA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

27ms
26ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=117843
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sat, 15 May 2021 07:32:06 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6a4c609d-aca3-4800-9169-c7fa9df54ff3

0
587 B

1136ms
29ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6a4c609d-aca3-4800-9169-c7fa9df54ff3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Thu, 13 May 2021 22:48:03 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Thu, 13 May 2021 22:48:03 GMT
Server: MT3 3736 915c305 master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=6a4c609d-aca3-4800-9169-c7fa9df54ff3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 May 2021 22:48:02 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame F0B3
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=20DE3B59-0789-40C7-AC9C-7188397253B0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=41651174-f288-45e2-bccc-359e1b36aa0e&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b883663a822bc6f8bf49101612c9294f
https://spl.zeotap.com/?zdid=1332&zcluid=90d277e74b563101
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ccf5715a-81a2-4ff7-47ab-82540d6c28af&reqId=d45c23eb-819f-4c2c-6a6e-18d71d335fa2&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEMetyGX3t6f4xijalNQZof4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ccf5715a-81a2-4ff7-47ab-82540d6c28af&reqId=d45c23eb-819f-4c2c-6a6e-18d...

95 B
178 B

25ms
25ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEMetyGX3t6f4xijalNQZof4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ccf5715a-81a2-4ff7-47ab-82540d6c28af&reqId=d45c23eb-819f-4c2c-6a6e-18d71d335fa2&zcluid=90d277e74b563101&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64ef6eb66adcc286-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a098386050000c286db0b6000000001

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEMetyGX3t6f4xijalNQZof4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ccf5715a-81a2-4ff7-47ab-82540d6c28af&reqId=d45c23eb-819f-4c2c-6a6e-18d71d335fa2&zcluid=90d277e74b563101&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjBERTNCNTktMDc4OS00MEM3LUFDOUMtNzE4ODM5NzI1M0Iw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

3142ms
44ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:05 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:345
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENa2ptlGqUVE_i0MMvi3cOY&google_cver=1

42 B
589 B

3141ms
43ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENa2ptlGqUVE_i0MMvi3cOY&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:363
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENa2ptlGqUVE_i0MMvi3cOY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame F0B3 43 B
609 B 1352ms
30ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 12 May 2021 22:48:04 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8781643169251435430

42 B
234 B

3409ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8781643169251435430
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:463
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8781643169251435430
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&gdpr=0&gdpr_consent=

42 B
341 B

3406ms
39ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:454
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 13 May 2021 22:48:03 GMT
Server: MT3 3736 915c305 master zrh-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 May 2021 22:48:02 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41651174-f288-45e2-bccc-359e1b36aa0e

42 B
292 B

3383ms
38ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41651174-f288-45e2-bccc-359e1b36aa0e
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:387
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=41651174-f288-45e2-bccc-359e1b36aa0e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8508457202069849777&gdpr=0&gdpr_consent=

42 B
365 B

30ms
29ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8508457202069849777&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:09 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:442
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:10 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid: a01b90d5-f224-46e3-93a3-e3c29bde229e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8508457202069849777&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 20DE3B59-0789-40C7-AC9C-7188397253B0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F0B3 43 B
562 B 59ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/20DE3B59-0789-40C7-AC9C-7188397253B0?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=20DE3B59-0789-40C7-AC9C-7188397253B0&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=20DE3B59-0789-40C7-AC9C-7188397253B0&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ojFnB4JE2uWmu1c2Bvaj0bunKZbhVgk-~A&gdpr=0&gdpr_consent=

0
587 B

29ms
29ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ojFnB4JE2uWmu1c2Bvaj0bunKZbhVgk-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Thu, 13 May 2021 22:48:05 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Thu, 13 May 2021 22:48:05 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ojFnB4JE2uWmu1c2Bvaj0bunKZbhVgk-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

502

Pug
simage2.pubmatic.com/AdServer/ Frame F0B3
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
https://x.bidswitch.net/sync?dsp_id=429&user_id=584edd72-8b24-5286-9d91-63dbfd0ccf7e&ssp=pubmatic&expires=30&user_group=1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f0a2ca2-c8c1-47fe-b0a0-13b7805aebb3&gdpr=&gdpr_consent=&gdpr_pd=

0
0

1134ms
37ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f0a2ca2-c8c1-47fe-b0a0-13b7805aebb3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5f0a2ca2-c8c1-47fe-b0a0-13b7805aebb3&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 13 May 2021 22:48:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5D5B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKq4ca-j-rU_WQ_fTAUDSTU&google_cver=1

0
239 B

263ms
32ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKq4ca-j-rU_WQ_fTAUDSTU&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKq4ca-j-rU_WQ_fTAUDSTU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5D5B 70 B
264 B 60ms
58ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5D5B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a4c609d-aca3-4800-9169-c7fa9df54ff3

0
239 B

294ms
33ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a4c609d-aca3-4800-9169-c7fa9df54ff3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

Date: Thu, 13 May 2021 22:48:04 GMT
Server: MT3 3736 915c305 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6a4c609d-aca3-4800-9169-c7fa9df54ff3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 13 May 2021 22:48:03 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 5D5B 0
66 B 348ms
41ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:04 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5D5B
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09OSEZaWjItMU0tN0NXVw==&us_privacy=1---

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09OSEZaWjItMU0tN0NXVw==&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09OSEZaWjItMU0tN0NXVw==&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5D5B
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/onevscM7gkXbzaDTDJzxnsn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4663041577256940955

0
239 B

197ms
32ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4663041577256940955
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

date: Thu, 13 May 2021 22:48:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4663041577256940955
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5D5B
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmNiZmIxYWZiZjE4NzFkMTY4MDlmZTYzMDI2MzVlYTYwMTVjNmJhNg&us_privacy=1---

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmNiZmIxYWZiZjE4NzFkMTY4MDlmZTYzMDI2MzVlYTYwMTVjNmJhNg&us_privacy=1---

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmNiZmIxYWZiZjE4NzFkMTY4MDlmZTYzMDI2MzVlYTYwMTVjNmJhNg&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 5D5B
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KONHFZZ2-1M-7CWW&sigv=1&esig=2~f8a0f6ea67fa5a8957ae478b877bf784ae91863c&us_privacy=1---

0
446 B

20ms
6ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KONHFZZ2-1M-7CWW&sigv=1&esig=2~f8a0f6ea67fa5a8957ae478b877bf784ae91863c&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:04 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KONHFZZ2-1M-7CWW&sigv=1&esig=2~f8a0f6ea67fa5a8957ae478b877bf784ae91863c&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 um
cs.emxdgt.com/ Frame BE98 0
0 1444ms
36ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cs.emxdgt.com
:scheme: https
:path: /um?ssp=pbs&redirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D44%26userId%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

content-type: text/html
date: Thu, 13 May 2021 22:48:05 GMT
content-length: 0

GET
H/1.1 200
OK Cookie set uc.html Show response
go.sonobi.com/ Frame 231E 43 B
577 B 139ms
34ms Document
text/html 178.162.133.148
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sonobi.com/uc.html?pubid=e55fb5d7c2

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.148 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: HAPLB5A=s5610|YJ2sp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Date: Thu, 13 May 2021 22:48:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-ams-1-7-128
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5G=s57128|YJ2sp; path=/; domain=.go.sonobi.com; SameSite=None; secure

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3833
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

24ms
24ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KONHFZZ2-1M-7CWW; rsid=1|CdSsIlYD4v+QW2i8kcdyDE/csJlhKb+t03RRUZWfOgZ1qOqWPGrxQcTya9WQi+HKKRWt2jyoYTD2eRWdAyD4Wwn1rWxbuVEZ+xAvac7RQXIhonWoCc9eObX5TM/cWQ3bVdSf+hE=; ses2=; ses15=; vis2=37664^2; vis15=37664^4; audit=1|0o8zzNO5o4Y9alxNKRvNdSD7U453ZmNH4RgscivlZgf6NfR0nQ6rUsbfsBg0fmAHQOOnEIDCqqKAF7qA5WC/AP0d3Bv3dSen; pux=1512%3D99623%262249%3D99623%262307%3D99623%262974%3D99623%26idl%3D99623%26goog%3D99623%262249-DV360-Hosted%3D99623%26brx%3D99623%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 13 May 2021 22:48:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Thu, 13 May 2021 22:48:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 555E 8 KB
3 KB 25ms
23ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; chkChromeAb67Sec=1; DPSync3=1622073600%3A197_219_201%7C1620950400%3A174; SyncRTB3=1621468800%3A223%7C1621728000%3A63%7C1622160000%3A35%7C1622073600%3A220_21_56_54_71_13_161_7_3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=117842
Expires: Sat, 15 May 2021 07:32:06 GMT
Date: Thu, 13 May 2021 22:48:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame A2BE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&s=185073&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ2spxo0tEbmYJM5PLy-kwAA%261157

0
44 B

103ms
102ms

Image
text/plain

134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ2spxo0tEbmYJM5PLy-kwAA%261157
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YJ2spxo0tEbmYJM5PLy-kwAA%261157
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Thu, 13 May 2021 22:48:07 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame A2BE
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=7fc4669db8bca923bf6c0b19

0
44 B

103ms
102ms

Image
text/plain

134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=7fc4669db8bca923bf6c0b19
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:05 GMT
content-length: 0

Redirect headers

Date: Thu, 13 May 2021 22:48:05 GMT
Server: nginx
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=7fc4669db8bca923bf6c0b19
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame A2BE 0
474 B 1148ms
34ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:05 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame A2BE
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP47dde0ab-b43d-11eb-a6a7-0667397c84b8
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP47dde0ab-b43d-11eb-a6a7-0667397c84b8

0
44 B

103ms
103ms

Image
text/plain

134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP47dde0ab-b43d-11eb-a6a7-0667397c84b8
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:05 GMT
content-length: 0

Redirect headers

Date: Thu, 13 May 2021 22:48:05 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP47dde0ab-b43d-11eb-a6a7-0667397c84b8
Connection: keep-alive
Content-Length: 0

GET
H2 200 match
e.serverbid.com/udb/9969/ Frame A2BE 0
44 B 105ms
102ms Image
text/plain 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:04 GMT
content-length: 0

GET
H2 200 match
e.serverbid.com/udb/9969/ Frame A2BE 0
44 B 105ms
103ms Image
text/plain 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjEmdGw9MjAxNjA%3D%26piggybackCookie%3Dazk:
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:04 GMT
content-length: 0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame A2BE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=8508457202069849777

0
44 B

105ms
104ms

Image
text/plain

134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=8508457202069849777
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:10 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:10 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.147:80
AN-X-Request-Uuid: 577f4e36-9616-42d1-9b83-375b7d76415c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=8508457202069849777
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame A2BE
Redirect Chain

https://x.bidswitch.net/sync?ssp=consumable
https://x.bidswitch.net/ul_cb/sync?ssp=consumable
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dconsumable%26expires%3D30%26user_group%3D%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=584edd72-8b24-5286-9d91-63dbfd0ccf7e&ssp=consumable&expires=30&user_group=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=5f0a2ca2-c8c1-47fe-b0a0-13b7805aebb3

0
44 B

103ms
103ms

Image
text/plain

134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=5f0a2ca2-c8c1-47fe-b0a0-13b7805aebb3
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:05 GMT
content-length: 0

Redirect headers

location: //e.serverbid.com/udb/9969/sync/i.gif?partnerId=52&userId=5f0a2ca2-c8c1-47fe-b0a0-13b7805aebb3
date: Thu, 13 May 2021 22:48:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame A2BE
Redirect Chain

https://p.rfihub.com/cm?pub=42786&in=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=1871597495050131844

0
44 B

103ms
103ms

Image
text/plain

134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=1871597495050131844
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:05 GMT
content-length: 0

Redirect headers

Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=1871597495050131844
Date: Thu, 13 May 2021 22:48:05 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0301 38 KB
14 KB 28ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES; KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; chkChromeAb67Sec=1; DPSync3=1622073600%3A197_219_201%7C1620950400%3A174; SyncRTB3=1621468800%3A223%7C1621728000%3A63%7C1622160000%3A35%7C1622073600%3A220_21_56_54_71_13_161_7_3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&userIdMacro=PM_UID&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3DPM_UID

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97060
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 json Show response
trc.taboola.com/unknown-site-on-gannett-network/trc/3/ 31 B
328 B 94ms
93ms XHR
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/unknown-site-on-gannett-network/trc/3/json?tim=00%3A48%3A04.941&lti=deflated&data=%7B%22id%22%3A946%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1620315013217%2C%22vi%22%3A1620946084939%2C%22cv%22%3A%2220210506-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPGKL43PGKL43AcABBENBZCgAAAAAH_AACiQAAAPlAJMNS-AC7EscGSaNKoUQIQrCQ6AUAFFAMLRNYQMrgp2VwEeoIGACE1ARgRAgxBRiwCAAQCAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCRAigCECQgyOCo5TAgIkWignsrAEou9jTCEMosAKBR_RUYCJQggWBkJCwAAAA.YAAAD_gAAAAA%22%2C%22gwto%22%3Atrue%2C%22ccpa_dns%22%3A%22none%22%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4772%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-s%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Feed%22%2C%22orig_uip%22%3A%22Homepage%20Feed%22%2C%22cd%22%3A4444.625%2C%22mw%22%3A710%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 65
date: Thu, 13 May 2021 22:48:05 GMT
content-encoding: gzip
server: nginx
x-timer: S1620946085.958315,VS0,VE65
x-served-by: cache-hhn11572-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://eu.telegram.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: text/plain;charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-gannett-network/log/2/ 0
277 B 103ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-gannett-network/log/2/debug?tim=00%3A48%3A05.038&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=9707&cv=20210506-7-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 16857
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.134:10213

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-gannett-network/log/2/ 0
277 B 103ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-gannett-network/log/2/debug?tim=00%3A48%3A05.039&type=error&msg=loadRBox%20failed%2C%20aborting.&id=1605&cv=20210506-7-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 16857
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.12.133:10213

GET
H2 204 debug
trc-events.taboola.com/unknown-site-on-gannett-network/log/2/ 0
277 B 103ms
34ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/unknown-site-on-gannett-network/log/2/debug?tim=00%3A48%3A05.039&type=warn&msg=Invalid%20response%20from%20server%3A%20trc_json_response%20%3D%0A%7B%22trc%22%3A%7B%7D%7D%0A&id=5676&cv=20210506-7-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 16857
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.22.181:10213

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame F0B3 0
418 B 399ms
37ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=57752&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:06 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3833 30 KB
9 KB 26ms
26ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47240
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9238
Expires: Fri, 14 May 2021 11:55:25 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3833 0
239 B 461ms
112ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632&us_privacy=1---
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/1035847.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6734403d2cb3625dc1fef1bbd4a17cf3
Content-Type: image/gif

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6057 38 KB
14 KB 28ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; chkChromeAb67Sec=1; DPSync3=1622073600%3A197_219_201%7C1620950400%3A174; SyncRTB3=1621468800%3A223%7C1621728000%3A63%7C1622160000%3A35%7C1622073600%3A220_21_56_54_71_13_161_7_3; SPugT=1620946085; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97058
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 542D 38 KB
14 KB 29ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; chkChromeAb67Sec=1; DPSync3=1622073600%3A197_219_201%7C1620950400%3A174; SyncRTB3=1621468800%3A223%7C1621728000%3A63%7C1622160000%3A35%7C1622073600%3A220_21_56_54_71_13_161_7_3; SPugT=1620946085; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97058
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 01F4 38 KB
14 KB 28ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; chkChromeAb67Sec=1; DPSync3=1622073600%3A197_219_201%7C1620950400%3A174; SyncRTB3=1621468800%3A223%7C1621728000%3A63%7C1622160000%3A35%7C1622073600%3A220_21_56_54_71_13_161_7_3; SPugT=1620946085; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97058
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6057 2 KB
3 KB 37ms
36ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29791588&p=57752&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ffa25d933e97f021ebccd8cbf1fdc316075bf9cbbd2b73f83335ebf2b5a0c3f9

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:05 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 198A 38 KB
14 KB 28ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; chkChromeAb67Sec=1; DPSync3=1622073600%3A197_219_201%7C1620950400%3A174; SyncRTB3=1621468800%3A223%7C1621728000%3A63%7C1622160000%3A35%7C1622073600%3A220_21_56_54_71_13_161_7_3; SPugT=1620946085; repi=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97058
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 542D 2 KB
3 KB 37ms
37ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51923846&p=57752&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ffa25d933e97f021ebccd8cbf1fdc316075bf9cbbd2b73f83335ebf2b5a0c3f9

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame F823
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGeW4wN0JPMWtBQUN3UGJmYlN4dw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

60ms
60ms

Document
image/gif

52.209.246.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAFyn07BO1kAACwPbfbSxw; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 13 May 2021 22:48:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Thu, 13 May 2021 22:48:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BBDD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427955755159

42 B
383 B

370ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427955755159
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427955755159
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; chkChromeAb67Sec=2; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; SyncRTB3=1622073600%3A22_81_7_166_55_54_13_8_234_99_21_56_71_3_220_161_165_204%7C1621468800%3A15_223_2%7C1622160000%3A35%7C1621728000%3A63%7C1623456000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:07 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6961910427955755159; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:07 GMT; path=/ PugT=1620946087; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:07 GMT; path=/
x-lat: lhrpug008:0:410
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 13 May 2021 22:48:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6961910427955755159; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427955755159

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D59D
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
235 B

385ms
37ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; chkChromeAb67Sec=2; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; SyncRTB3=1622073600%3A22_81_7_166_55_54_13_8_234_99_21_56_71_3_220_161_165_204%7C1621468800%3A15_223_2%7C1622160000%3A35%7C1621728000%3A63%7C1623456000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:07 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug006:2:294
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=fbe524e7-3ead-487a-8361-0eddbefb8e9d; path=/; domain=csync.loopme.me; Expires=Sun, 13-Jun-2021 22:48:06 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Thu, 13 May 2021 22:48:06 GMT
server: _

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame F14F 43 B
408 B 134ms
43ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-mon-1.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 13 May 2021 22:48:06 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C57B
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=474543212
https://sync.1rx.io/usersync/tradedesk/41651174-f288-45e2-bccc-359e1b36aa0e
https://sync.targeting.unrulymedia.com/csync/RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003

42 B
269 B

37ms
37ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; chkChromeAb67Sec=2; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; SyncRTB3=1622073600%3A22_81_7_166_55_54_13_8_234_99_21_56_71_3_220_161_165_204%7C1621468800%3A15_223_2%7C1622160000%3A35%7C1621728000%3A63%7C1623456000%3A203; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; PugT=1620946086; KRTBCOOKIE_22=14911-7873678023749006679
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:07 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:07 GMT; path=/ PugT=1620946087; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:07 GMT; path=/
x-lat: lhrpug001:0:329
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 13 May 2021 22:48:07 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003%22%7D; path=/; expires=Fri, 13 May 2022 22:48:07 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003
etag: RX5d2bf32605ba4c869eec2f64f8ceedc5003

GET
H2

200

p.gif
visitor.fiftyt.com/ Frame 6057
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=&fbounce=1

0
333 B

48ms
48ms

Image
text/plain

35.201.96.126
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=&fbounce=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
via: 1.1 google
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: clear
content-length: 0
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date: Thu, 13 May 2021 22:48:06 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=&fbounce=1
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 144

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 6057
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

94ms
47ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:06 GMT
frontend-id: 12
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:06 GMT
frontend-id: 9
location: /pubmatic/1/info2?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 6057 95 B
258 B 54ms
37ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=20DE3B59-0789-40C7-AC9C-7188397253B0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64ef6eb13c93c286-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a098382c40000c286502a4000000001

GET
H2

204

/
loadm.exelator.com/load/ Frame 6057
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0
https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

0
2 KB

68ms
67ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 13 May 2021 22:48:06 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6057
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc

42 B
424 B

189ms
43ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:05 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:383
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6057
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3838452757625042263&gdpr=0&gdpr_consent=&us_privacy=

1 B
323 B

433ms
51ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3838452757625042263&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:447
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3838452757625042263&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 13 May 2021 22:48:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6057
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ2spwAA2aMRkABg&gdpr=0&gdpr_consent=&_test=YJ2spwAA2aMRkABg

1 B
234 B

37ms
37ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ2spwAA2aMRkABg&gdpr=0&gdpr_consent=&_test=YJ2spwAA2aMRkABg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:527
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620946088.802569,VS0,VE0
x-served-by: cache-hhn4034-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ2spwAA2aMRkABg&gdpr=0&gdpr_consent=&_test=YJ2spwAA2aMRkABg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6057
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d0e8c4ab-aaa5-4257-a674-9c918a1e8b7b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
110 B

37ms
37ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d0e8c4ab-aaa5-4257-a674-9c918a1e8b7b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:371
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d0e8c4ab-aaa5-4257-a674-9c918a1e8b7b&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 13 May 2021 22:48:07 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 6057 0
104 B 98ms
64ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6057
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

29ms
29ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
cache-control: no-store, no-cache, private
x-lat: amspug017:0:372
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:07 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6057
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8508457202069849777

42 B
110 B

37ms
37ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8508457202069849777
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:299
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:07 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.236:80
AN-X-Request-Uuid: 9a085937-e1b8-4787-adc3-d4e8893189d4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8508457202069849777
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

p.gif
visitor.fiftyt.com/ Frame 542D
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=&fbounce=1

0
335 B

47ms
47ms

Image
text/plain

35.201.96.126
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=&fbounce=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.96.126 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
via: 1.1 google
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: clear
content-length: 0
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

date: Thu, 13 May 2021 22:48:06 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=&fbounce=1
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 144

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 542D
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

73ms
41ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Hjørring, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:06 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:06 GMT
frontend-id: 9
location: /pubmatic/1/info2?sType=sync&sExtCookieId=20DE3B59-0789-40C7-AC9C-7188397253B0&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 542D 95 B
489 B 24ms
23ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=20DE3B59-0789-40C7-AC9C-7188397253B0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64ef6eb14cacc286-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 0a098382ce0000c2861d2cf000000001

GET
H2

204

/
loadm.exelator.com/load/ Frame 542D
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0
https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1

0
2 KB

65ms
65ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 13 May 2021 22:48:06 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=71&buid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 542D
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc

42 B
112 B

164ms
43ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:05 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:374
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc
pragma: no-cache
date: Thu, 13 May 2021 22:48:06 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 2A04
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFITk5FN0JPMWtBQUN6QmlEXzBPdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

52ms
52ms

Document
image/gif

52.209.246.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.246.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bitoIsSecure=ok; bito=AAHNNE7BO1kAACzBiD_0Ow
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 13 May 2021 22:48:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Thu, 13 May 2021 22:48:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 542D
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7873678023749006679&gdpr=0&gdpr_consent=&us_privacy=

1 B
167 B

433ms
51ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7873678023749006679&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:06 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:440
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7873678023749006679&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 13 May 2021 22:48:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 55FB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427956213911

42 B
210 B

338ms
38ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427956213911
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427956213911
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; chkChromeAb67Sec=2; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; SyncRTB3=1622073600%3A22_81_7_166_55_54_13_8_234_99_21_56_71_3_220_161_165_204%7C1621468800%3A15_223_2%7C1622160000%3A35%7C1621728000%3A63%7C1623456000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:07 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-6961910427956213911; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:07 GMT; path=/ PugT=1620946087; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:07 GMT; path=/
x-lat: lhrpug009:0:321
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Thu, 13 May 2021 22:48:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6961910427956213911; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6961910427956213911

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 542D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ2spwAA9ESNEwAC&gdpr=0&gdpr_consent=&_test=YJ2spwAA9ESNEwAC

1 B
237 B

38ms
37ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ2spwAA9ESNEwAC&gdpr=0&gdpr_consent=&_test=YJ2spwAA9ESNEwAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:578
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1620946088.799452,VS0,VE0
x-served-by: cache-hhn4034-HHN
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YJ2spwAA9ESNEwAC&gdpr=0&gdpr_consent=&_test=YJ2spwAA9ESNEwAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 542D
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4b31d0a1-aaaa-456d-a2bd-b00897cfc840&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
111 B

37ms
37ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4b31d0a1-aaaa-456d-a2bd-b00897cfc840&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:487
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4b31d0a1-aaaa-456d-a2bd-b00897cfc840&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 13 May 2021 22:48:07 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=2999
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 542D 0
103 B 71ms
65ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=20DE3B59-0789-40C7-AC9C-7188397253B0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 542D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
358 B

29ms
29ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:423
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:07 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CF4E
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
88 B

385ms
37ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; chkChromeAb67Sec=2; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; SyncRTB3=1622073600%3A22_81_7_166_55_54_13_8_234_99_21_56_71_3_220_161_165_204%7C1621468800%3A15_223_2%7C1622160000%3A35%7C1621728000%3A63%7C1623456000%3A203
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:07 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug007:2:226
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=f37777b1-e018-4519-b60d-258a17c863fa; path=/; domain=csync.loopme.me; Expires=Sun, 13-Jun-2021 22:48:06 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Thu, 13 May 2021 22:48:06 GMT
server: _

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 3F5F 43 B
408 B 145ms
43ms Document
image/gif 63.251.232.170
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-mon-1.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 13 May 2021 22:48:06 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-2
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 542D
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8508457202069849777

42 B
110 B

38ms
37ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8508457202069849777
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug020:0:304
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 13 May 2021 22:48:07 GMT
X-Proxy-Origin: 89.187.189.196; 89.187.189.196; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: 705b2620-d739-437a-8513-a6d03f201d1f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8508457202069849777
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9287
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=920573577
https://sync.1rx.io/usersync/tradedesk/41651174-f288-45e2-bccc-359e1b36aa0e
https://sync.targeting.unrulymedia.com/csync/RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003

42 B
112 B

38ms
37ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; chkChromeAb67Sec=2; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; SyncRTB3=1622073600%3A22_81_7_166_55_54_13_8_234_99_21_56_71_3_220_161_165_204%7C1621468800%3A15_223_2%7C1622160000%3A35%7C1621728000%3A63%7C1623456000%3A203; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; PugT=1620946086; KRTBCOOKIE_22=14911-7873678023749006679
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:07 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:07 GMT; path=/ PugT=1620946087; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:07 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:07 GMT; path=/
x-lat: lhrpug002:0:645
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 13 May 2021 22:48:07 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003%22%7D; path=/; expires=Fri, 13 May 2022 22:48:07 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003
etag: RX5d2bf32605ba4c869eec2f64f8ceedc5003

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0301 38 KB
14 KB 29ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; repi=1; chkChromeAb67Sec=2; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; SyncRTB3=1622073600%3A22_81_7_166_55_54_13_8_234_99_21_56_71_3_220_161_165_204%7C1621468800%3A15_223_2%7C1622160000%3A35%7C1621728000%3A63%7C1623456000%3A203; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; KRTBCOOKIE_22=14911-7873678023749006679; KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; PugT=1620946087
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97057
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:07 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0301 3 KB
3 KB 37ms
37ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75179075&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 962598fdfca9550c5dcfd68e34c3664a081847fa42bcefe8d260359a87c2f3c3

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DC68
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=f5FwqZU2HMX2IS0BpvpOWzUY

42 B
217 B

29ms
29ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=f5FwqZU2HMX2IS0BpvpOWzUY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=f5FwqZU2HMX2IS0BpvpOWzUY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; KRTBCOOKIE_22=14911-7873678023749006679; KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; chkChromeAb67Sec=3; SyncRTB3=1622073600%3A81_166_54_176_165_230_5_56_220_161_57_234_21_3_88_222_7_22_8_204_104_55_13_78_233_99_71_189_231%7C1621728000%3A63%7C1621468800%3A67_2_15_223%7C1626048000%3A69%7C1623456000%3A203%7C1622160000%3A35; KRTBCOOKIE_188=3189-no-consent; PugT=1620946087; KRTBCOOKIE_218=22978-YJ2spwAA2aMRkABg&KRTB&23194-YJ2spwAA2aMRkABg&KRTB&23209-YJ2spwAA2aMRkABg&KRTB&23244-YJ2spwAA2aMRkABg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:06 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-f5FwqZU2HMX2IS0BpvpOWzUY; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:06 GMT; path=/ PugT=1620946086; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:06 GMT; path=/
x-lat: amspug005:0:381
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Thu, 13 May 2021 22:48:08 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=f5FwqZU2HMX2IS0BpvpOWzUY; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=f5FwqZU2HMX2IS0BpvpOWzUY
strict-transport-security: max-age=0; includeSubDomains;

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame A94B 42 B
992 B 34ms
19ms Document
image/gif 2606:4700:3039::6815:c01a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c01a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 0a0983874400000ebbaaa0f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64ef6eb86c5d0ebb-FRA

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A62B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
465 B

173ms
172ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aanoeUx2eNNSE0UdcqeAGnSblU1pyoZaHmZbBeaykZa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 13 May 2021 22:48:08 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aHnseFolXVjQuWx7J3gJXoFrJD3GZcEbpyuP8bKMWn7mZajC1xRoYFbBwZbmDhQsMBXBmR7jPVueOOG7b57Yxr8; path=/; domain=.tribalfusion.com; expires=Wed, 11-Aug-2021 22:48:07 GMT; SameSite=None; Secure; ANON_ID_old=aHnseFolXVjQuWx7J3gJXoFrJD3GZcEbpyuP8bKMWn7mZajC1xRoYFbBwZbmDhQsMBXBmR7jPVueOOG7b57Yxr8; path=/; domain=.tribalfusion.com; expires=Wed, 11-Aug-2021 22:48:07 GMT;
cf-cache-status: DYNAMIC
cf-request-id: 0a098387ea0000074adb8de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64ef6eb9780d074a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 13 May 2021 22:48:07 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 204
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aanoeUx2eNNSE0UdcqeAGnSblU1pyoZaHmZbBeaykZa; path=/; domain=.tribalfusion.com; expires=Wed, 11-Aug-2021 22:48:07 GMT; SameSite=None; Secure; ANON_ID_old=aanoeUx2eNNSE0UdcqeAGnSblU1pyoZaHmZbBeaykZa; path=/; domain=.tribalfusion.com; expires=Wed, 11-Aug-2021 22:48:07 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 0a098387470000074abcaea000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64ef6eb87e11074a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C803
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=PJNZBYYHT7lZ&pid=557219

1 B
144 B

37ms
37ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=PJNZBYYHT7lZ&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=PJNZBYYHT7lZ&pid=557219
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; KRTBCOOKIE_22=14911-7873678023749006679; KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; chkChromeAb67Sec=3; SyncRTB3=1622073600%3A81_166_54_176_165_230_5_56_220_161_57_234_21_3_88_222_7_22_8_204_104_55_13_78_233_99_71_189_231%7C1621728000%3A63%7C1621468800%3A67_2_15_223%7C1626048000%3A69%7C1623456000%3A203%7C1622160000%3A35; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_218=22978-YJ2spwAA2aMRkABg&KRTB&23194-YJ2spwAA2aMRkABg&KRTB&23209-YJ2spwAA2aMRkABg&KRTB&23244-YJ2spwAA2aMRkABg; KRTBCOOKIE_409=22966-f5FwqZU2HMX2IS0BpvpOWzUY; PugT=1620946086
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:08 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:08 GMT; path=/
x-lat: lhrpug011:0:422
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-kx42z
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=PJNZBYYHT7lZ&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=bc8b4fc3f64cc12f; path=/; HttpOnly; Secure; SameSite=None

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 3488 0
44 B 1371ms
115ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Thu, 13 May 2021 22:48:08 GMT
server: b

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame FE20
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eb0baa40-b20c-4925-876a-2acf38a218a2-tuct7973227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

37ms
36ms

Document
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eb0baa40-b20c-4925-876a-2acf38a218a2-tuct7973227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eb0baa40-b20c-4925-876a-2acf38a218a2-tuct7973227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=eb0baa40-b20c-4925-876a-2acf38a218a2-tuct7973227
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Thu, 13 May 2021 22:48:07 GMT
via: 1.1 varnish
x-served-by: cache-hhn11572-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1620946088.841931,VS0,VE8
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=eb0baa40-b20c-4925-876a-2acf38a218a2-tuct7973227;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 13-May-2022 22:48:07 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=eb0baa40-b20c-4925-876a-2acf38a218a2-tuct7973227&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Thu, 13 May 2021 22:48:07 GMT
via: 1.1 varnish
x-served-by: cache-hhn11572-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1620946088.753377,VS0,VE58
x-vcl-time-ms: 58
content-length: 0

GET
H2

200

check Show response
pixel.tapad.com/idsync/ex/receive/ Frame 49DE
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

95 B
165 B

42ms
42ms

Document
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.36.v20210114) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.tapad.com
:scheme: https
:path: /idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1620946088867; TapAd_DID=bc5d1208-9a7f-46ca-82d9-d6c8f891decb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 13 May 2021 22:48:08 GMT
strict-transport-security: max-age=31536000
content-type: image/png
content-length: 95
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

Redirect headers

date: Thu, 13 May 2021 22:48:08 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1620946088867;Expires=Mon, 12 Jul 2021 22:48:08 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=bc5d1208-9a7f-46ca-82d9-d6c8f891decb;Expires=Mon, 12 Jul 2021 22:48:08 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length: 0
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 35B6
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:nRm3TebO1LHk7K5&gdpr=0&gdpr_consent=

42 B
384 B

37ms
37ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:nRm3TebO1LHk7K5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:nRm3TebO1LHk7K5&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; KRTBCOOKIE_22=14911-7873678023749006679; KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; chkChromeAb67Sec=3; SyncRTB3=1622073600%3A81_166_54_176_165_230_5_56_220_161_57_234_21_3_88_222_7_22_8_204_104_55_13_78_233_99_71_189_231%7C1621728000%3A63%7C1621468800%3A67_2_15_223%7C1626048000%3A69%7C1623456000%3A203%7C1622160000%3A35; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_218=22978-YJ2spwAA2aMRkABg&KRTB&23194-YJ2spwAA2aMRkABg&KRTB&23209-YJ2spwAA2aMRkABg&KRTB&23244-YJ2spwAA2aMRkABg; KRTBCOOKIE_409=22966-f5FwqZU2HMX2IS0BpvpOWzUY; PugT=1620946086; SPugT=1620946088
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:08 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_107=1471-uid:nRm3TebO1LHk7K5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:08 GMT; path=/ PugT=1620946088; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:08 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:08 GMT; path=/
x-lat: lhrpug019:0:402
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Thu, 13 May 2021 22:48:08 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:nRm3TebO1LHk7K5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-04527eea692282deb@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=nRm3TebO1LHk7K5; Domain=.w55c.net; Expires=Mon, 13-Jun-2022 22:48:08 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 12-Jun-2021 22:48:08 GMT; Path=/; SameSite=None; Secure
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 55EF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D5UQG3WDSeRhE-_i9rj9GFm7vcQ

42 B
396 B

37ms
37ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D5UQG3WDSeRhE-_i9rj9GFm7vcQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D5UQG3WDSeRhE-_i9rj9GFm7vcQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; KRTBCOOKIE_22=14911-7873678023749006679; KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; chkChromeAb67Sec=3; SyncRTB3=1622073600%3A81_166_54_176_165_230_5_56_220_161_57_234_21_3_88_222_7_22_8_204_104_55_13_78_233_99_71_189_231%7C1621728000%3A63%7C1621468800%3A67_2_15_223%7C1626048000%3A69%7C1623456000%3A203%7C1622160000%3A35; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_218=22978-YJ2spwAA2aMRkABg&KRTB&23194-YJ2spwAA2aMRkABg&KRTB&23209-YJ2spwAA2aMRkABg&KRTB&23244-YJ2spwAA2aMRkABg; KRTBCOOKIE_409=22966-f5FwqZU2HMX2IS0BpvpOWzUY; SPugT=1620946088; KRTBCOOKIE_107=1471-uid:nRm3TebO1LHk7K5; PugT=1620946088; KRTBCOOKIE_1074=22956-e_1685bc57-8707-48dc-836b-62378d257f28
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:09 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_860=16335-D5UQG3WDSeRhE-_i9rj9GFm7vcQ; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:09 GMT; path=/ PugT=1620946089; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 12-Jun-2021 22:48:09 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:09 GMT; path=/
x-lat: lhrpug006:0:427
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Thu, 13 May 2021 22:48:09 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=D5UQG3WDSeRhE-_i9rj9GFm7vcQ
Set-Cookie: sa-user-id=s%3A0-0f95101b-7583-49e4-6113-efe2f6b8fd18.AsvwwIkN0SvPCjITpmXy1GaLULKM3Ktx7N0P1aFMo3k; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-0f95101b-7583-49e4-6113-efe2f6b8fd18%24ip%2489.187.189.196.jMK9v7eHfvgvDyIYi7B76ebPsC5QIeZdzRZPcrCPGHI; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 159
Connection: keep-alive

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame F9C4 0
114 B 1370ms
118ms Document
text/plain 38.27.122.101
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: match.bnmla.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 13 May 2021 22:48:09 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6622
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:632947A829F44408B4EF02A67905A53A

1 B
68 B

37ms
37ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:632947A829F44408B4EF02A67905A53A
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:632947A829F44408B4EF02A67905A53A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; SPugT=1620946085; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; KRTBCOOKIE_22=14911-7873678023749006679; KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; chkChromeAb67Sec=3; SyncRTB3=1622073600%3A81_166_54_176_165_230_5_56_220_161_57_234_21_3_88_222_7_22_8_204_104_55_13_78_233_99_71_189_231%7C1621728000%3A63%7C1621468800%3A67_2_15_223%7C1626048000%3A69%7C1623456000%3A203%7C1622160000%3A35; KRTBCOOKIE_188=3189-no-consent; PugT=1620946087
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 13 May 2021 22:48:07 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 11-Aug-2021 22:48:07 GMT; path=/
x-lat: lhrpug002:0:408
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Thu, 13 May 2021 22:48:07 GMT
content-type: text/html
content-length: 154
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:632947A829F44408B4EF02A67905A53A
expires: Wed, 12 May 2021 22:48:07 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 i.gif Show response
e.serverbid.com/udb/9969/sync/ Frame 6363 0
44 B 103ms
102ms Document
text/plain 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=20DE3B59-0789-40C7-AC9C-7188397253B0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: e.serverbid.com
:scheme: https
:path: /udb/9969/sync/i.gif?partnerId=4&userId=20DE3B59-0789-40C7-AC9C-7188397253B0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Thu, 13 May 2021 22:48:07 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0301
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1685bc57-8707-48dc-836b-62378d257f28

42 B
448 B

37ms
37ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1685bc57-8707-48dc-836b-62378d257f28
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:08 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:385
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_1685bc57-8707-48dc-836b-62378d257f28
date: Thu, 13 May 2021 22:48:08 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0301
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49f46451-b43d-11eb-8330-df093698d031&gdpr=0&gdpr_consent=

1 B
236 B

37ms
37ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49f46451-b43d-11eb-8330-df093698d031&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:09 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:320
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=49f46451-b43d-11eb-8330-df093698d031&gdpr=0&gdpr_consent=
Date: Thu, 13 May 2021 22:48:08 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 49f46452-b43d-11eb-8330-df093698d031

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6057 0
418 B 39ms
39ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=57752&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:08 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 542D 0
418 B 46ms
37ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=57752&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:08 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 01F4 38 KB
14 KB 28ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; repi=1; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; KRTBCOOKIE_22=14911-7873678023749006679; KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; chkChromeAb67Sec=3; SyncRTB3=1622073600%3A81_166_54_176_165_230_5_56_220_161_57_234_21_3_88_222_7_22_8_204_104_55_13_78_233_99_71_189_231%7C1621728000%3A63%7C1621468800%3A67_2_15_223%7C1626048000%3A69%7C1623456000%3A203%7C1622160000%3A35; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_218=22978-YJ2spwAA2aMRkABg&KRTB&23194-YJ2spwAA2aMRkABg&KRTB&23209-YJ2spwAA2aMRkABg&KRTB&23244-YJ2spwAA2aMRkABg; KRTBCOOKIE_409=22966-f5FwqZU2HMX2IS0BpvpOWzUY; SPugT=1620946088; KRTBCOOKIE_107=1471-uid:nRm3TebO1LHk7K5; KRTBCOOKIE_1074=22956-e_1685bc57-8707-48dc-836b-62378d257f28; KRTBCOOKIE_860=16335-D5UQG3WDSeRhE-_i9rj9GFm7vcQ; PugT=1620946089; KRTBCOOKIE_279=22890-49f46451-b43d-11eb-8330-df093698d031&KRTB&23011-49f46451-b43d-11eb-8330-df093698d031
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97055
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 198A 38 KB
14 KB 29ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=20DE3B59-0789-40C7-AC9C-7188397253B0; repi=1; DPSync3=1622073600%3A226_227_232_197_219_201_221%7C1620950400%3A174; KRTBCOOKIE_80=22987-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&16514-CAESENa2ptlGqUVE_i0MMvi3cOY&KRTB&23025-CAESENa2ptlGqUVE_i0MMvi3cOY; PUBMDCID=3; KRTBCOOKIE_153=19420-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc&KRTB&22979-8mlO2aU6Fo7pbxPY9z9ai_FtRtjpOkeLoWwE8UIc; KRTBCOOKIE_1101=23040-6961910427956213911; KRTBCOOKIE_377=6810-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&22918-41651174-f288-45e2-bccc-359e1b36aa0e&KRTB&23031-41651174-f288-45e2-bccc-359e1b36aa0e; KRTBCOOKIE_27=16735-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&16736-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23019-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3&KRTB&23114-uid:6a4c609d-aca3-4800-9169-c7fa9df54ff3; KRTBCOOKIE_391=22924-8781643169251435430&KRTB&23263-8781643169251435430; KRTBCOOKIE_22=14911-7873678023749006679; KRTBCOOKIE_594=17105-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003&KRTB&17107-RX-5d2bf326-05ba-4c86-9eec-2f64f8ceedc5-003; chkChromeAb67Sec=3; SyncRTB3=1622073600%3A81_166_54_176_165_230_5_56_220_161_57_234_21_3_88_222_7_22_8_204_104_55_13_78_233_99_71_189_231%7C1621728000%3A63%7C1621468800%3A67_2_15_223%7C1626048000%3A69%7C1623456000%3A203%7C1622160000%3A35; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_218=22978-YJ2spwAA2aMRkABg&KRTB&23194-YJ2spwAA2aMRkABg&KRTB&23209-YJ2spwAA2aMRkABg&KRTB&23244-YJ2spwAA2aMRkABg; KRTBCOOKIE_409=22966-f5FwqZU2HMX2IS0BpvpOWzUY; SPugT=1620946088; KRTBCOOKIE_107=1471-uid:nRm3TebO1LHk7K5; KRTBCOOKIE_1074=22956-e_1685bc57-8707-48dc-836b-62378d257f28; KRTBCOOKIE_860=16335-D5UQG3WDSeRhE-_i9rj9GFm7vcQ; PugT=1620946089; KRTBCOOKIE_279=22890-49f46451-b43d-11eb-8330-df093698d031&KRTB&23011-49f46451-b43d-11eb-8330-df093698d031
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=97055
Expires: Sat, 15 May 2021 01:45:44 GMT
Date: Thu, 13 May 2021 22:48:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 01F4 47 B
166 B 37ms
37ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58229753&p=57752&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 22:48:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 47
content-type: text/html; charset=UTF-8

POST
H2 204 perf Show response
trc-events.taboola.com/unknown-site-on-gannett-network/log/3/ 0
292 B 34ms
34ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/unknown-site-on-gannett-network/log/3/perf?lti=deflated
Requested by: Host: eu.telegram.com
URL: https://eu.telegram.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu.telegram.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 13 May 2021 22:48:09 GMT
server: nginx
x-fastly-to-nlb-rtt: 16807
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://eu.telegram.com
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.14.57:10213

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame 0301 0
418 B 38ms
37ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 13 May 2021 22:48:09 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: news.google.com
URL: https://news.google.com/swg/_/api/v1/publication/telegram.com/entitlements

Domain: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/trackShow

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.telegram.com/	1970-01-20 11:46:58	Name: xbc Value: %7Bjzx%7D-N5ANZW3bPhhicYGV6kRnPOD9DZMVwrcHeAiSCXkCQWwmLSWz3GsvzqDPtvgJEN_VKziVSK4XVZZIpPcsh50v_Gn-8A_CGCeCmeDU7idtTAnr5paM2zhwqEGx9wEzVcWDJYMcOLpwe0yIxW5ooO8B2OsMDDTRt7JoNvT4AYPCR85G3MhMSMBn-M7tWqM__MmSqVTAkVqnP5ak7Z7FyjBdVqIaL3WO0BOWMd2gSxFFvZmuDqlXMg4EpOF_dYtJtqdYlFrxShQNmiJw6UFphI5XDPThycWVteIKdOh0Mw50I0Vk7tg65VE_kQYfv3k65VOPGMoBLrhPkpcWzu5hCYHlAize-0VfJBiKNnQ01rd9w2LJBmghxWWOCcw-k85lodUJrH8Rtj_RFmWlC6w1gS0gjQaGhb-_9P3KkxMVYBWwQ6CcMbOVNfZihGivXMHErqpoWO2EISllLB9jQaHfQBmkVOGqlNLJYi4ejwim9lWkezGoxgCo7HWXODCdZaVuI8Gw99AOuw2zn79Cu56V4F27-w_FHpoExtR3u6MNj0ar7AJ63_X8LIPDkNj2u25BKFdQFzQtLpKNiSxVLewzhLhJelS2yZ9UxIba_L6wMJnGUkV-GOLgLNVlqTOwuTgt5POdbWnpBmI8ROVI7akPBM-ISKYSOalNzul7sVOdOrhaAuf7D8nbUVAjHaSKhWDQoy27crJmjBVCg40GBVETKJTmZ5OG_FxW9t1QMtYgkeYTY-7R2yxWiW39DjWvPDpOoYpwSuSi8GX0S_mRj_xB1XMT-dhmwB2zMsiCNDChh-mGNbEOdjffR4gKlfYt50fEhRerC430-alZxRBhPpSXWPByP9HnBT7V6qEwcUwNmK0CnTMX30JIcPuZAgufzb_Kp-7Wj1Gn8LAyNESzE6dAFv0T0gup68oCtW0Db1a3tqjbpHTsBvSDp9dRILwuTxx79Fs
.telegram.com/	1970-01-19 18:17:12	Name: __pvi Value: %7B%22id%22%3A%22v-2021-05-14-00-48-00-065-LV4nSpXql9yJntem-2be49b8ffa72e3100be254e33a8e84e2%22%2C%22domain%22%3A%22.telegram.com%22%2C%22time%22%3A1620946080242%7D
.telegram.com/	1970-01-19 18:58:58	Name: __pat Value: -14400000
.telegram.com/	1970-01-20 11:46:58	Name: __tbc Value: %7Bjzx%7Dvs0z7GJkD_BsyvPkF0aJ968t7ZfJNFMFW7AwIauB-RSluq7kNZhgPxjONh1fICBqVvpB9yuxhT29XoIr9av_cPAedemQN9NhhFB_hW8SOjARQxbnt2R7p2-QENImXIULqIF4aUTNNDHPGQSxVbtC1Q
eu.telegram.com/	1970-01-19 18:15:47	Name: _tb_sess_r Value:
.google.com/	1970-01-19 22:39:17	Name: NID Value: 215=fAYdOymGkgjjQ9F4rNU9DTxJZrmUH3fXFXu3cglp6E2_43x3D_S18qVhh2UJT3L6ysAJIuQoAvP_2vnrCX1tFKXhoXkpj3WY4_5WujdTyhuRv9CqkUPHAyB4gDF7T3kgg0t3vHjS3PBs0eo-DuVAShVr_2Zd-b2duCNZBygtyug
eu.telegram.com/	1970-01-20 03:01:22	Name: usprivacy Value: 1---
.telegram.com/	1970-01-20 11:46:58	Name: _lc2_fpi Value: ec5a113e48e4--01f5kymm2f5qbmm1hjdyxcpj7s
eu.telegram.com/	1970-01-27 01:27:46	Name: gup_clientid Value: 441b45cc-b43d-11eb-aa1a-b2a682172c97
eu.telegram.com/	1970-01-19 18:17:12	Name: _pc_nlmodal Value: newsletter_shown
.telegram.com/	1970-01-20 03:01:22	Name: gup_clientid Value: 441b45cc-b43d-11eb-aa1a-b2a682172c97
.telegram.com/	1970-01-20 03:01:22	Name: gup_anonid Value: 44198be2-b43d-11eb-aa1a-b2a682172c97
.telegram.com/	1970-01-20 03:01:22	Name: gup_lng Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22pjwt%22%3A%20null%2C%20%22updated%22%3A%201620946079%2C%20%223PID%22%3A%20null%7D
.telegram.com/	1970-01-20 03:01:22	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+May+14+2021+00%3A47%3A59+GMT%2B0200+(Central+European+Summer+Time)&version=6.12.0&hosts=&consentId=2d4db23b-e5ec-4db9-aaf8-b83435b1f5bd&interactionCount=0&landingPath=https%3A%2F%2Feu.telegram.com%2F&groups=BG70%3A0%2C1%3A1%2C3%3A0%2CSTACK24%3A0%2C4%3A0%2C5%3A0%2C2%3A0%2CSTACK1%3A0
eu.telegram.com/	1970-01-19 18:15:47	Name: _tb_t_ppg Value: https%3A//eu.telegram.com/
eu.telegram.com/	1970-01-19 18:58:58	Name: _pbjs_userid_consent_data Value: 3524755945110770
.telegram.com/	1970-01-19 18:16:07	Name: gnt_eu Value: true
eu.telegram.com/	1970-01-27 01:27:46	Name: last_front Value: homepage
.telegram.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .telegram.com

165 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/partner/vendor/pbjsandwich.min.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	error	URL: https://c.amazon-adsystem.com/aax2/apstag.js(Line 2) Message: [object Object]
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 10) Message: Subscriptions Runtime: 0.1.22.165
console-api	log	URL: https://cdn.tinypass.com/api/tinypass.min.js(Line 1) Message: TP: swg: get entitlements failed Error: XHR Failed fetching (https://news.google.com/...): (Note: a CORS error above may indicate that this domain is not configured for Subscribe with Google)
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.188.1(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://www.gannett-cdn.com/dcjs/prod/main.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js(Line 3) Message: Server did not respond to loadRBox
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js(Line 3) Message: loadRBox failed, aborting.
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210506-7-RELEASE.js(Line 3) Message: Invalid response from server: trc_json_response = {"trc":{}}
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi
console-api	log	URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96) Message: received a request for uspapi

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adserver.adtechus.com
ap.lijit.com
apex.go.sonobi.com
api-v3.tinypass.com
api.gannett-cdn.com
api.rlcdn.com
as-sec.casalemedia.com
b1sync.zemanta.com
bam.nr-data.net
bh.contextweb.com
bidder.criteo.com
buy.tinypass.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.adsafeprotected.com
cdn.cookielaw.org
cdn.gatehousemedia.com
cdn.polyfill.io
cdn.taboola.com
cdn.tinypass.com
cm.adgrx.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
cpt-static.gannettdigital.com
cs.emxdgt.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dispatch-resources.s3.amazonaws.com
dsp.adfarm1.adition.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eu.telegram.com
eus.rubiconproject.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.gstatic.com
gannett-d.openx.net
geolocation.onetrust.com
gh-static-resources.s3.amazonaws.com
go.sonobi.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-agent.newrelic.com
js-sec.indexww.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
news.google.com
p.rfihub.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
play.google.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rp.liadm.com
rp4.liadm.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
simage2.pubmatic.com
simage4.pubmatic.com
sofia.trustx.org
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
staticassets.gannettdigital.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user.telegram.com
visitor.fiftyt.com
widget.perfectmarket.com
www.gannett-cdn.com
www.gstatic.com
www.telegram.com
x.bidswitch.net
buy.tinypass.com
news.google.com
104.111.230.142
13.224.103.105
13.224.95.18
13.224.95.44
13.224.95.54
13.248.242.197
134.209.129.254
141.226.228.48
142.250.181.226
142.250.185.66
146.59.148.16
151.101.113.194
151.101.114.110
151.101.114.49
151.101.114.62
151.101.14.62
152.199.21.35
159.253.128.183
162.247.242.19
162.55.6.213
169.197.150.7
178.162.133.148
178.162.133.149
178.162.133.150
178.250.0.163
178.250.2.131
178.62.202.251
18.156.0.31
18.159.187.109
18.194.69.213
18.195.155.181
184.25.115.31
185.29.132.69
185.33.221.52
185.64.189.110
185.64.189.112
185.64.189.114
185.64.190.78
185.64.190.80
185.64.190.81
188.42.196.115
193.0.160.128
198.148.27.140
199.232.137.181
199.232.137.44
2.18.232.130
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
205.185.216.10
206.189.254.17
213.155.156.185
213.19.147.45
213.19.162.31
23.79.143.124
2600:1f18:730:b140:28d8:9783:2a08:4b54
2606:4700:10::6814:b844
2606:4700:10::6816:1957
2606:4700:3039::6815:c01a
2606:4700::6810:9440
2606:4700::6811:bab1
2606:4700::6812:d05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:16::1370
2a04:4e42:1b::621
3.121.66.29
3.124.79.200
34.120.133.55
34.249.39.204
34.254.122.11
34.98.107.212
34.98.64.218
35.174.135.52
35.201.96.126
35.211.168.6
35.227.248.159
35.244.174.68
37.157.6.247
38.27.122.101
52.209.246.140
52.216.138.147
52.44.181.48
52.46.130.13
52.59.102.119
52.86.196.188
54.171.173.220
54.175.198.118
54.76.119.149
54.78.254.47
63.251.232.170
66.155.71.150
69.173.144.139
70.42.32.191
72.251.249.14
77.243.60.138
8.43.72.98
85.114.159.118
94.23.73.243
010c5e198fdecb19624877f27bc19d9d7620b7a37b2636ddc594a9ea5de53780
02434ad36274485e3cdd66638380e6c38aa452e944194c22f812fd148a159a64
024f01d45739e9da991c4b69d20974d373b02a9a9136ea9238d41225ffdf240a
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
044e5e12c5d8acb617f82fbf006eef3c85d9f294e35daeeadd06c2d198e8314f
04c6ef5e48cceec44d94a408d376f8bb62956d8aa5b50cc0b26adf78ad1cbfaa
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
05e83a4e44fbf34c5ab02c0597792b529b5128ab10f8f89217a61e97a99a312b
06103ce43485e865bcb6abc55ff75342dbf58c6e2ec94315ca3057a58e8f6a51
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070af9b9cc3a83f9b6ae9238e6d1fef9f1fb840d73b65f65c2a4328fc4e7c729
0862d3c8b349b9f7e0d49b4a68573691d390395a020002819d0723d7c5fe562e
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b46f2e59f77e297e9f9fd0a66c5335865471196d1b904a0cfe4b8cd15facabf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c42a7bb6bab2526b60a115423a6c41f003b75705e84b0ae24910d7d0b162c41
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d91883b892841e5140d97e18ed26a8a0f04c27a644f00104655dc94e5d3c13c
0f01ef19df758793f58a530b555cc3b838cead0d6730d54cc26ccf168f69d936
0ffa811e6235eb9161705d13affdce21ff7c89cc3301b6c60263d387d0553d9a
110326cbfdbee4b4997f4603d24f98257ce3a3ce743ef9ed0fd952cf2179da8a
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a8a8c93cecf52973b8df96a6d5740df952fb31e438d834e8e7fde5cb3255d06
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1c3f29b93d961e02766afc79e1fc7e7bf8510ec831d77aabff63e87aea18d8d8
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d5299ded19564097461f81d5f77d1e3ee298708dd47d6a1facf8abe184dabe5
1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8
1e1c2e6df56090ab890e3d9578f6fbd55551ea0a52442105d92c9d6b545bc0f3
1e93d1966552e0ec57b358850e3a1bbd4ee91eaf77ecbc665d634fa78cd99f0c
2029aa5c6464fe2071a1be59da13516578833131c559d82e033edc33dcc3432f
20860cd85b16709e5f98332ecf82297b784da87651bb872006c151501f972cb9
20ba49665bf99f2cc5e23e68536c23ac981329935e9a98f2efca647e1acd8ca3
212503c9ff8a972fc5c586499e9c00052db30bcd910a111d47f52a5c13bc1a38
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
29e04c948e0455803f87b6e1ca9516e4976368e8ad05ff16c31db762a6f06a4f
2beff6219304f59ca6d97eee8f9729b4b184434e9c49cd48b6a214a988c5bab5
2cf7f701a2a6d97b70e05ca4613ec5fda746d0b9483bfc1f1a2874f885bc4876
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3eb90ad60f1d50eab2558237637b1299106baadeffa94f0c2c82528d0da983
2feaea79bf8d0b941dac8dd4508347b6cf19278096180a308f56eaa040235759
30e6556c0e680c36521dc30a5fafee60cfa0819460655f6f7f303c7d7d24afa2
314ed60012f54eaf96fcc40f94424a4a44e11c3515631d1f445c3d3f7a09e3e2
32bbc893217eed1f27f02a5f6800e4b6153bfc8d71abb73af9ffcbb53f0307df
32ef7b2c958df422a41169feb6e0dc8a6a149c94957f148ac1f522683bb1522a
35320aa29e4bc2eee21e8310b16b43068c0a7b6beab6584989ec39b42f7bff10
35962190ab6297507a91a93fd08df28bc7231fa84da968112b42741d23710c30
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
371dbda9619cf12162b68749c76b9e9b1692dad84bba175d5718072ae674c559
376710062084ea2165061850fd4e1b66fac2191a1c7f003acd1b9f98dfe4068b
380b59b697189c5e5b22599a8b6ea78be45273dbde8236887d7c140aa11a0ba3
3854294ad0231749f307027820af7903f60f7410054c953cac1f527115daaa2a
38f1fcc728ce650842d3eee9d9002b659a26cb9ac2be71e2eb0aa5867014640a
3b7a86a7ce0392af890ca11fe6f7ee5746b975cb98204a39ec8cd43d817c389e
3ba96087dca29011c84e882c96282a6cec4081d1e9aa196eef4b3ef1b889d6d3
3ca2c6ef6222b9fa880c488cd90c4120d025b305006e5e45ae61306a8b8812e6
3cfa18fe7cde76da9baf805429a777f7ab4375a5123255d054ffbddf688c34f9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f12e335914950b4f2058dbcbbee727f3f7542399ec6b2e98256480ea91aa49
412d225480e1d94394ffc47ef625f253babd2fdd7a75c687989965fa64895bed
4295341928984eb4a9fe7ebbcb81c91d9f5a56a029a698795b808fdb4f90a6fc
43fc652db51c181fa1ae056ffde2443db9bce4f6ed0e7c1bd84412235dba2204
46d592855f74604d8c3edcd886206a5ece2f4424cc447884b917ce9639e9a1d6
46ea8464d2c3f35b1f5031bf2a9c0e422eaf4e0d45faa9dc5e03f465a6a8c486
47e192c9dfcfe0b669bf261318cdc2c8f5e7a9e8392de2f0fa3c32045a9f4b06
4832ef08e9658a2aeb523553ac23a657ed8e554a07690e243424390fe797868a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a76fd2d7206486cd72f80c33106d521c63cd5c7cf869c5c0ab908ad2c87d342
4b56346abd8ac9a16c8ed3e5723ea0eeed3d8b3a6c0abf035f3f1623994aa75b
4dc4fff9aab3a93f787c41e65e7f42e3ce5412f919efd59335d4cd68a30b6561
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5cfd5343348acc22a6111cbe7f4f8d2bcddae455d30649faf68f1605a466ba
4e6d01e8b925c701afed6e022935a85029f2ad3dce832a5e0f68a8a75e9ea473
4f282833db23da3b023c79da69f86697dd606c1ea39c947bbc7b33f6fbb31ef4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5036782172457e8aea4a21d726072749533ac2bca60c2597863fbbea1ac86060
50b151128e92bf38325fab38896be2f5c6c78d557e10e649bb764dad42188e75
511f127a1868984cf9d3d9545da20d1c43222d656515a2ee13737a38ba30c791
518b76f2c9bc13dab833d942ac4024afe2c7f86532a0ebd42e36d4f83f6ec90b
51a6117292845afab73b2de4673d5d7559afdffe1ef69fb08a1cb5003220859b
53b3692d60d35cf46cd40dee947ff04aaac0088e6b46d5bf9f5780f1d3fe60af
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
5438244d57a2d3f821c38f0d3331c123567c53325cf995beab127b76966c8f7c
5510e79d6d75a4d6f4127a85a6956d387d67e22c90c1ec9ad6a09345e61eb9d7
558a8f776eb6af4965895a386f659079feda01b20ea29a0a935969411c57eafa
5680984cafd03b7ffac79009300c94b135354bd7741d6ebd8e13f010be38c50a
5839b4112fcb5315e1942f1fa82478db1f7e3111ed9716175fc51ad8e2fcd3d3
5996062961b290de6f5e449fbcfdc3df354b36605692d9be7e571b91f978e21b
59aba2008cdd8c0a3a24fef082e01c1cacdcc6cadd939396166eab475c1e925d
5b529448eb68dc6a434e58709ade0b8d9458f4a0082ef03dae87ccbd9f7d8ce8
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ed0e94f2aefb78e38ffbf679d5063e1e7283c883667f1672fafef5f59801645
5efaa2ccf201122813b7fce67ad176f86437b34b57425cd55375fda10e52daed
5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
6177996af84c4e9e810c240e4f7fb1efa82ba95862fa36b3aae360e0568cecca
625afddd911697606ed5d0232312d53fbb7f88a8cf3934e54cb4cdf7f7835ef9
62e620e1fcb9b72eae562be487140b14e1d3f9847f5185b5d158eb88bba7ab3e
63ebd809b2988be498b87eadffc18b32f301c477d58128e508b7268e1df4b105
6465f3dd2acc6f346fea9f64ef36e67d6afd00904256d0eaf1f9c1aae7f50c2f
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
69116f4eb740043cfa41f766af60af4e008c795e3c76db2a966310f159173bc5
692ae4751ee9cf34c8a76a91f1d8df47bf098da4b9b2fb10e9181d9cf4dc81f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be084013be9114131db05e43e8a6875b2eaff5b66139814b6ca572b6170e5d3
6c53441d1a937468383d786be79d2e01bdd99af37634a2d883f6d58c8219a79d
6d17f02f855e44c5671557aeea54a29281875098b13c42805020ff577f8a5972
6f251f866f52c64233834785030ef712b46072003c990e139f316c0c5b2f21e2
6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004
7048a70a2561fba8958052325f67c88672bea2e6549d475d9d07d57922851026
70dac0bff0be690d0fe75181a06e3bc54c470c8491cc9a32e5cf89f5ed9b0179
71e240fc2794b33d8dcb0b5d17ebb19fd9a69c717a1854fa6f4296cd3c9579b7
72016adf7b9e801c465c1251614253c79e380f304c422b89f507313312e9e495
72594b51b5aee1db06bcda724589ef3d75796bbc9a13abc74e5533b4b06315e5
731ca2cba5c356a50f8649dd9b59585ffdcf3f310730c701116c465b1231895e
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a75f0c55010c9e995d2b940d31684c68dec9c532198b291cfe6c3c5cadf559
75113834959f674124ab61fd1b5f11d040a509bd019f083d5043d164e92aca02
75f26e45a5ecd0855668595b59282d650f87bcf6a3eecc078436df6e9ff0904a
77f9a1daae58a71c8f58a083690750198203b29d049e67389859009979d8a8c1
7a8d0a1512a5ecd047a3a9fbb1bdc116de8f6676d580edd9e57867c6fa9bc1bb
7b8e97fcdb3ea29625c7195f9a46481a9060350a3588c77cff7f248f00f56269
7c862d06dbc394d8f64662949c40b019bd661b71381a0485ff7ccf3eaa45786f
7d6df36691fc6fdbebaeb41a0cffaba3ee361b412efa52c632596a9f4ae1d65a
7da034b7466483840babbef96244488c66aaff1d3caf75815525324194c817e0
7e0f739925614b9d486e10ecf704e3ce4d1a6492895065e36d03aec81689b4bd
7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5
7f7eedd0a1e304d0923e897477fe2b3e145cc985c9461faf1dba3b78547c1a15
7fa26cb73d6d9fe8a70881f90b76deea23af087bfabe86f43b98f6739f0a6622
7fa7b29a1da6988453202875e156d4dccaefdebe6f07d391ddd31a206e9db732
812761fecf21584ca20e6872a0fce8719749192b09f8d99f20d7628c24861447
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83acbac530682b1fc16e4f813bf608959032e691f942e53edcbfc2d82f40e22b
84eee881362d0bf7b2e071a2731c03570113b5acd5aaab999a0470bfee6c3801
86943b08e849ab5a8a7357e576b8fedc6ade44e01a5a1bff8d2e110dddd64c06
86989b92a4178992b9810d886d66561dbee0a7531175cd3ef8a563f739d6925d
86fbce59e4f7ec7e30dcea5f3a591c731b2f25988103299857293e45d4be53a2
87e3f3ac4e350373848452ef3c2b625aef59f766d737662655fd45e5b12ed44f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8add9975d90befa00fd949bddf38c8fbde9e000837058684bd26366e71b3ddfb
8c000e4544bfb7ad85dd61fac0a167d1b3f4ca26213b90ba28be37edb4626bc8
8c999e74f987143a4c42cbdf7250f4b73b7ad34984ddb62222a8b0a5d1bf18d0
8ce6e59de59ccc4e45c4798434e1e3885a91f5e7b9d916b5085ba91ea27c29d9
8cf78114dc98e5c4843b6e78e6f34758a7864dbd8d14f1db0f2e8090072f1c17
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
8f7d307d115fda11ddf7f4a0fc8d76041a271bffafc82a91704fbab45f2f5122
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
91e9164448bbb0306f0ad72dad13782ef08ae66a9ac3d9b857d9a57a8a3468a1
922dea847dca89758d2c87751a24d057bff5a13e08e16c1ee2c397c57e2b7ca2
9484f035f77fcc2a4d231a271e0ba3f8a40dafbf2c1efc5f41f9a95f54a2a613
9497b3ef7400c8a101e237d8229e27c143f6f9dcb7c3f2f960b60acd9c95536b
94bc6474b905706b2f431231534a5f21557716c3be68238a5c7d6f3f5c1a956d
94f4e38ac958e4fc56987f041a16b8e964e0ffe7f30cddbb22beed4eec66e959
962017c869448ba8bbb8827cc9262ebd51a03b5ac9957aaba7725f79ebf8d056
962598fdfca9550c5dcfd68e34c3664a081847fa42bcefe8d260359a87c2f3c3
96a7febe50fd6453294eca5c5c225f7eb1674d82fbef0de7e38d5d603e545a2a
983eabc6856216650ebc3b73033ee252ce3135ecc2611fdf877d514be3988381
989ddb1b96ee4dd0e5b65c9f00f23d8a56a1c482dc4d17ab67bae6d488eac238
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d9734440f7eb9c4d429d3951fd3ce27561f7e9068809b14e28e4084dbe174c
9abf80d3a46582afb816fc2d86bee64132a685e2dc828c7609403d4e6497e1bd
9abff9995a7362f7796c37d841691e11d27d833726af171353c6d270ea7302ec
9b0244432d5bd68b595fef41e5257737a038d95848a1fa483c66fb8fdee718d3
9b2182667d2c3979d7af327043575e9c10ea86fa79199579666b34a870fda5d4
9b4647fb32d9a261858152507bd0e83f8e1448fff0ae5e5dc52e7d21004fd9de
9d123190344230d11c75e44332b9552d8714af8c810874f7752e64b05241b352
9d98057ed4b68fb8d94484308e9c4b522e2911a7aee8c1a36b11bce09931b083
9db75cf3965907df50e6208dd5ff4f447c8bd15d27c7ae6ae59919f5ef1b9251
a00bbf9b34d69e3c435c780766f932a592a6784b2c22a1ac650746e1bc2e4f91
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
a17ed2829e19ecd0a8c2cbb9a3bb66cc12e110ad475b53256f02f65f152019b6
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29a29f34ab64d13ec7d58ccaa268bb7fa78352a9882152d77c4e564af4802ab
a3b7067f00f9a2ac16d847bc12270871523004cf1ac09aa959d0df310070000a
a73c999d28afd2be114b8c3c0de7c8fc46d07f92213320673f542421aafc149d
a91c7e526a9ef03853c5a4ec691b943c61f877288475a70e4dc5c52136085da5
a920c91de5db43e6f6634e5f757541141a31117fd881c848647671fbda83602b
a960c7b4dd3b532e4c31e866e1236bed2ab577a91ed4d2bd255feb0d18631572
ab75bed71fb97ab901fad8210b383818dd955450886014d5798eb0badf858c39
ac481da99bf99fa16aab19b9381f02ff6049184e2eb5fa618572bce1b02ec805
acc53eeca66905cf6282e40d23021cb7307908a0c7b36e8fbcb229c490a2f5df
acdbec0a29738429b95f1222388a4fff6b5aff5ebb18e16584e23e818ee6d029
afb5848f2f6b1a5d34f0d7a9455fb17f7cde8d2870d829e93d7b835b04e1b3ff
b016f0834f6fe219f0a3483029b57170b8b4ff9841b0224d5325b7f8cee1e6f1
b048e87cf82ab73e27b97c3cc5a1568c90089086960978b2a397b0d1408f884e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d6a2c513d8f1caeae77f8df5c5714f4565eee1f284d2646f979b640ec276fe
b1eb1c45b6ebab0c39f0d0e9e2444121ed4c7f77515d6e0c6f4ebdab4743a3cf
b44e51d6f9ccc82ba48c2a5432d445457bc3b6dff41febb0260354e29b6fd124
b5820a88a9d63b43954b224fd6c21f2bcf8a6c8e7e842073ce9f9dd72940bc44
b5a60a7fff5518b6f07c00d792f50771c5a87d0a876aa533fabfe8890b6cab95
b88b894dbc9e1d6503532dbdd069278c6b7921abc55e9abfb5599dc1324d0794
b92490f0e08edd6e7b5e9704b1208cb9124eeac94841dda895b0dff4854ac956
ba3c2d6ee72b322419531419cd8d3a10d76081df6a78ccd59f2a9913144440a3
ba7ee0f420d8ea6e8751036a7a6693404676c9e63d66e6eaa2dd352f46d9883f
ba9bb9563c62fb0665a5f35d5777e4ac2d09496fd946cef7203166487057a9d2
bb02056220ada55866c677a1b1f6e56df02b6a40d3e8afbf0435568ae865d600
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8316121ab1fb502d56b1f8ce3fc3c7047447626255820a01cbedd807363b6b
bc6326ce79db5e9c8949c9dd5b03ac39ede09ff1d1b547a8479cf49067030dd3
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bcf610c3f2222699d45638201a33934e6a07f37ea5effeb32add9ea6974b3e5f
bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
bff41d9e02ab7c4066fe4d42af0f7ace7c1716c9a971744bcaa0707e22f02eed
c0ca5a42a5495b3071dd04bad5a9207f9863a889bb7b795a733df120f30eb3b2
c16bd5f710253f78feabb1ab551035166d5f9ffb186422bf76fe517956c8b3b3
c2c90f174faf5817f4b5b48a50c9d0a9054f6bfbe3589887b3c25a7b55cc4bea
c3118dd705f1a0aef5e04d78f05aeb2be98a17f26b26179289fc5d0d3c725844
c36fab5ff12dd27cd6909d9f561b13a1e402c489f5ceaef7b8cb2279528f3c4c
c594a209fcffcfcfa1e70062f7e7ead35bbd20b78e18f1c0d6e8e2ef2de8256e
c745a6114bddb356770c22a8dce7861cff4a1502a81ff222fac8c21efb6b2f85
c77f75f30b8fe3e4a803cb54aed45d1f12f364a03b221240cd77a0abbff6a2ca
c7dc8b0d0933d7837b3df7d28197f4d2f502b06638ea3bbb1bd7e1ec94cafa9d
c8919e6b0b590371e8c88684d2f409615c0c650f8854befd1df1147855608a59
c9e7d778f6474c6713b186e5dad4a06c620779b2ed2fc446a1572f1c77cf5586
cb16b0e3a7ffeb4568d9fc1a2d5b98f5a6f669ed950125530b0cc7dfecd68367
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f7c1ea8c0452b0c347c2f5949f8e9ab0936a255ce7615f22979280d60e50a0
d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5
d12920e19b130dbbc6027be52dd847e66715b88ca2fa88fdf268845a1e0779f0
d1e2230301e13ba6fe204946a6b854df1e6d34081271252a52c80c0536b24ca8
d29bd1e5200b98655e689f7fe4c415ebb8699b9539944a0955810de7c7e482d1
d5411a7ffd764c2db252c2f5d464c5adefef40b9338ee46f2b3a3e43ac61db48
d660d79f16aa1c5c6669717c8ef0a70612d54137d31b1c50e02fd29cd9dafc9d
d6b7472f98f400d0f4c24dea8eb9a90afb003eda04b32f86f48fddaf56f78fbf
d7427f226caa0100b63c9e234e09acb809896a493126bc9847fc5331f80c7dcb
daf900b0d9166ef03d760110de12cbe13eb4eecf5f3f87e819a922b6fd376a63
dbf62b3d96ab46c2c2c67edec16aca51b6534f8996b6bd8b64182bace59058a7
dc768aa956cc3e7c9c11f91c45b70c8ee63ef9ee80249f762c37397085c70b94
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
deb0d7d427858d047173d87a8702ddd16a3153fb51516f6786783dc6dc1b293d
df9aa20a3dc2c29281028c2a8714d61048ac869232e9c25abc2736a0e944a998
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e05f35949462455403ed845e7f9dbb91d56ed47409b85d38fa3d962dfba3edbf
e07224f1f0b0cd61cba9e38292bb340d553bbaa9a35060f1a194166b53982390
e09640705202c275bf9e6e88c9ad5e83a989bd3868721d643f1932bd4875750a
e136ab2c75ae90f9338087e38c15ad5b2d67e883b5e0647f11b71a10a43713c1
e17ef9c7a2b314b65694fcd9975dcc8172f7ead620f5b17441f8f393d69911c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7da40cb80a2601550840874481db636c06c469f764937979f822d516ccb4abe
e891ecf43a7a45a273853e86332f5d310f5fa147daf9002a531e44cbe8fcdc15
e8c0badcaf01e6eedd01a7878bef3cbb9b309674f9728bf17be78da1af2d72d8
e967373c2b80a85b73682ba20cb839415eb0d96e5084b517ae5dcfee1207f2e8
eaa1270759d89d733beccc6b8255025459dada23b352e6cacb4f1be9b15b8411
eb62b2b321adf59e57b4fe1ac5e1fdcaf7ab8efed640a528c0bb0ab15ab09289
ebc550603833b8ed6756199f8853e369966715bbc591f17b951ea2000be46e9b
ebf8278fb12d50b4ef821fbc8063798ca10b08f4107482e9be9f71f90570798f
ec39b01c46403315b367713b3d38cc5d6ca4375401e0d39e7b38c435fc8327ff
ed00fc308690979b81792ce95914a990af53c140ec6029c2ce6d5893188afe87
ee55a78068293dd8c4ed978c35e141b9d211314ada6085d55a18dc507cb190d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f03395cf944cf755a4be137fb7d0f1d5da26c52ac33fab166b2a3f17b0bf80a5
f034dfd4e6db927b3161c63b49ff89b4f4b8c4e72359c600f5f788488ea4ce61
f07dc3bb776dedc5385377c3b7cd96499a67a41aed91ff11d3a03571daf94a06
f0e432fe6c86105fd5d8d07877aab0ca1cac7559abe56ea3ef28e3d3b328f6ea
f16dbe23bd8fbde489ab6a9dd3cea0a923de345292054587b8304e675b8cd8bd
f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a
f24e10919a1f2cc958f78a95f5980b701a7348bf067c2f063823a4efb4184b90
f28f9bad619b1dff45a1f2a145d9a0c843f203cc8316c77d48f3ae1a6aebcb04
f483a1933a571853edb373ea40fbd8b18d8cd0de0d9f76e9467141da414fcc92
f63ef78fcc7646c3c5ccf1596cdaa893120f8f417924707d1b7816be1fabff91
f6cee7f3e0f731e5ba1bb76e7a98827d5458aafe1c5e9ef42a0fc2b39f28db12
f7b599b5c519cb81ae695b83854fa19bd5d1f75efa694d1397ccd9475104ea6d
f7fbf2d6d7c216dc02e3ce82f157524b829a377018648ccb14cc994ab2242307
f8cad28ce143fab883fb3bf04b6ed87e7de84102b2b44c86a60804f82bac8580
fd046f1a456204c44adbb7f7f138eb0acd30d7ace8dd2a0e6dd4d41d87ac29e7
ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354
ffa25d933e97f021ebccd8cbf1fdc316075bf9cbbd2b73f83335ebf2b5a0c3f9

eu.telegram.com Open in urlscan Pro 151.101.114.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

444 Requests

100 %HTTPS

19 %IPv6

80 Domains

127 Subdomains

81 IPs

10 Countries

3204 kBTransfer

9053 kBSize

19 Cookies

32 Outgoing links

Page URL History

Redirected requests

444 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 43 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

eu.telegram.com Open in urlscan Pro
151.101.114.62 Public Scan

Screenshot
Live screenshot

Full Image

444
Requests

100 %
HTTPS

19 %
IPv6

80
Domains

127
Subdomains

81
IPs

10
Countries

3204 kB
Transfer

9053 kB
Size

19
Cookies

444 HTTP transactions
43 data transactions