urlscan.io logo urlscan.io
SecurityTrails logo

www.telegram.com Open in urlscan Pro
151.101.66.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://telegram.com/
Effective URL: https://www.telegram.com/
Submission: On May 13 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 14 countries across 95 domains to perform 376 HTTP transactions. The main IP is 151.101.66.62, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.telegram.com. The Cisco Umbrella rank of the primary domain is 471961.
TLS certificate: Issued by R10 on May 3rd 2025. Valid for: 3 months.
This is the only time www.telegram.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 199.232.138.62 54113 (FASTLY)
61 151.101.66.62 54113 (FASTLY)
3 108.158.21.92 16509 (AMAZON-02)
4 18.244.214.125 16509 (AMAZON-02)
2 104.26.0.90 13335 (CLOUDFLAR...)
8 108.177.125.156 15169 (GOOGLE)
4 151.101.65.44 54113 (FASTLY)
2 104.18.43.90 13335 (CLOUDFLAR...)
6 182.161.73.136 55569 (CRITEO-AS...)
51 151.101.1.44 54113 (FASTLY)
6 151.101.130.62 54113 (FASTLY)
2 142.251.170.95 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
1 182.161.73.172 55569 (CRITEO-AS...)
1 184.31.253.201 16625 (AKAMAI-AS)
1 20.40.202.2 8075 (MICROSOFT...)
2 104.17.136.47 13335 (CLOUDFLAR...)
1 64.233.188.97 15169 (GOOGLE)
2 2 74.125.203.148 15169 (GOOGLE)
1 64.233.188.156 15169 (GOOGLE)
1 64.233.187.154 15169 (GOOGLE)
3 8 18.65.244.122 16509 (AMAZON-02)
1 108.158.32.72 16509 (AMAZON-02)
1 18.67.97.211 16509 (AMAZON-02)
1 15 141.226.229.48 200478 (TABOOLA-A...)
1 151.101.194.58 54113 (FASTLY)
3 4 103.43.91.8 29990 (ASN-APPNEX)
2 35.162.220.137 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-A...)
2 151.101.2.62 54113 (FASTLY)
1 23.38.131.47 16625 (AKAMAI-AS)
3 52.64.153.132 16509 (AMAZON-02)
6 173.194.174.157 15169 (GOOGLE)
1 74.125.23.149 15169 (GOOGLE)
7 8 35.213.183.23 15169 (GOOGLE)
1 64.233.188.154 15169 (GOOGLE)
1 182.161.73.173 55569 (CRITEO-AS...)
2 142.250.157.132 15169 (GOOGLE)
1 19 98.82.158.241 14618 (AMAZON-AES)
2 173.194.174.100 15169 (GOOGLE)
2 64.233.189.157 15169 (GOOGLE)
2 108.177.97.94 15169 (GOOGLE)
1 173.194.174.104 15169 (GOOGLE)
9 9 35.213.7.90 15169 (GOOGLE)
1 64.233.187.132 15169 (GOOGLE)
1 108.177.97.95 15169 (GOOGLE)
2 13.236.254.232 16509 (AMAZON-02)
2 151.101.194.62 54113 (FASTLY)
1 74.214.196.131 19189 (PULSEPOINT)
2 64.233.187.94 15169 (GOOGLE)
13 13 52.223.40.198 16509 (AMAZON-02)
2 131.153.206.103 59210 (PHOENIXNA...)
4 6 18.136.28.10 16509 (AMAZON-02)
2 142.250.194.195 15169 (GOOGLE)
1 72.34.249.210 27630 (AS-XFERNET)
1 69.173.158.92 26667 (RUBICONPR...)
3 4 35.186.253.211 396982 (GOOGLE-CL...)
1 23.40.52.90 20940 (AKAMAI-AS...)
17 24 69.173.158.64 26667 (RUBICONPR...)
1 2 184.31.252.83 16625 (AKAMAI-AS)
1 34.217.197.47 16509 (AMAZON-02)
2 15 104.18.27.193 13335 (CLOUDFLAR...)
3 8 54.169.228.246 16509 (AMAZON-02)
2 23.221.132.242 16625 (AKAMAI-AS)
5 5 183.177.68.210 10310 (YAHOO-1)
3 10 34.98.64.218 396982 (GOOGLE-CL...)
1 1 23.105.12.159 30633 (LEASEWEB-...)
5 5 103.43.90.178 29990 (ASN-APPNEX)
2 2 35.71.178.8 16509 (AMAZON-02)
1 104.18.13.250 13335 (CLOUDFLAR...)
2 207.65.33.83 62713 (AS-PUBMATIC)
1 131.153.206.101 59210 (PHOENIXNA...)
1 3 79.127.230.245 60068 (CDN77 Dat...)
6 131.153.206.102 59210 (PHOENIXNA...)
1 37.157.6.232 198622 (ADFORM Ad...)
13 14 67.199.150.82 62713 (AS-PUBMATIC)
11 14 207.65.33.82 62713 (AS-PUBMATIC)
6 6 54.153.252.209 16509 (AMAZON-02)
3 3 44.241.235.168 16509 (AMAZON-02)
13 16 74.125.203.155 15169 (GOOGLE)
1 1 172.64.150.63 13335 (CLOUDFLAR...)
1 1 104.18.37.193 13335 (CLOUDFLAR...)
1 1 103.43.90.53 29990 (ASN-APPNEX)
4 4 35.171.60.242 14618 (AMAZON-AES)
5 182.161.73.164 55569 (CRITEO-AS...)
1 1 13.114.23.64 16509 (AMAZON-02)
2 2 34.170.123.2 396982 (GOOGLE-CL...)
4 5 74.118.186.107 6336 (TURN-US-ASN)
1 1 8.2.110.97 46636 (NATCOWEB)
1 23.106.127.170 59253 (LEASEWEB-...)
5 174.129.199.219 14618 (AMAZON-AES)
2 2 108.158.32.12 16509 (AMAZON-02)
1 1 124.146.153.163 2514 (INFOSPHER...)
1 1 23.221.132.28 16625 (AKAMAI-AS)
1 2 185.84.60.23 198622 (ADFORM Ad...)
1 1 74.121.140.211 30419 (PAEDAE-INC)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 107.178.254.65 396982 (GOOGLE-CL...)
10 11 95.173.218.112 60068 (CDN77 Dat...)
2 2 37.157.5.49 198622 (ADFORM Ad...)
1 2 18.139.55.202 16509 (AMAZON-02)
4 4 54.169.63.10 16509 (AMAZON-02)
2 3 207.65.33.76 62713 (AS-PUBMATIC)
2 54.147.89.20 14618 (AMAZON-AES)
1 1 172.240.35.164 7979 (SERVERS-COM)
2 52.10.74.77 16509 (AMAZON-02)
1 1 72.34.249.227 27630 (AS-XFERNET)
3 3 35.212.52.97 19527 (GOOGLE-2)
2 2 184.27.43.153 16625 (AKAMAI-AS)
6 184.31.253.153 16625 (AKAMAI-AS)
2 67.199.150.85 62713 (AS-PUBMATIC)
1 43.250.0.199 29990 (ASN-APPNEX)
1 207.65.33.86 62713 (AS-PUBMATIC)
5 72.34.249.225 27630 (AS-XFERNET)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
3 3 34.36.216.150 396982 (GOOGLE-CL...)
1 1 52.76.53.230 16509 (AMAZON-02)
3 5 34.111.113.62 396982 (GOOGLE-CL...)
1 1 198.8.71.130 54312 (ROCKETFUEL)
1 1 207.65.33.79 62713 (AS-PUBMATIC)
1 1 18.138.18.111 16509 (AMAZON-02)
2 2 35.213.50.78 15169 (GOOGLE)
2 9 18.67.110.37 16509 (AMAZON-02)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
3 3 103.229.10.247 16509 (AMAZON-02)
1 2 151.101.2.49 54113 (FASTLY)
1 108.158.20.87 16509 (AMAZON-02)
2 2 69.173.146.5 26667 (RUBICONPR...)
1 150.171.22.12 8075 (MICROSOFT...)
1 54.239.33.158 16509 (AMAZON-02)
3 3 18.180.102.205 16509 (AMAZON-02)
1 1 18.67.175.104 16509 (AMAZON-02)
1 2 108.158.32.69 16509 (AMAZON-02)
1 54.245.127.213 16509 (AMAZON-02)
1 172.64.146.152 13335 (CLOUDFLAR...)
1 183.177.68.211 10310 (YAHOO-1)
1 1 47.253.61.56 45102 (ALIBABA-C...)
1 3 68.183.122.102 14061 (DIGITALOC...)
1 52.72.57.106 14618 (AMAZON-AES)
1 1 35.186.193.173 396982 (GOOGLE-CL...)
2 2 82.145.213.8 39832 (NO-OPERA ...)
1 1 151.101.130.58 54113 (FASTLY)
1 2 44.238.143.165 16509 (AMAZON-02)
1 1 13.215.145.61 16509 (AMAZON-02)
1 13.213.154.123 16509 (AMAZON-02)
1 1 52.223.2.229 16509 (AMAZON-02)
376 102
1    199.232.138.62 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
telegram.com
61    151.101.66.62 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.telegram.com
user.telegram.com
3    108.158.21.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-21-92.syd62.r.cloudfront.net
c.amazon-adsystem.com
4    18.244.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-125.sfo53.r.cloudfront.net
static.adsafeprotected.com
2    104.26.0.90 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
8    108.177.125.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tp-in-f156.1e100.net
securepubads.g.doubleclick.net
4    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
nr-events.taboola.com
2    104.18.43.90 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
6    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
51    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
c2.taboola.com
pm-widget.taboola.com
beacon.taboola.com
hp.taboola.com
trc.taboola.com
nr-events.taboola.com
vidstat.taboola.com
images.taboola.com
imprsgmp.taboola.com
vidstatb.taboola.com
cdn.taboola.com
6    151.101.130.62 (San Francisco, United States)

ASN54113 (FASTLY, US)
hlsmedia.gannett-cdn.com
2    142.251.170.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: tc-in-f95.1e100.net
imasdk.googleapis.com
1    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
display.bidder.taboola.com
1    182.161.73.172 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
grid-bidder.criteo.com
1    184.31.253.201 (Seoul, Korea, Republic Of)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-253-201.deploy.static.akamaitechnologies.com
a.teads.tv
1    20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
2    104.17.136.47 (None, )

ASN13335 (CLOUDFLARENET, US)
polarcdn-terrax.com
1    64.233.188.97 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f97.1e100.net
www.googletagmanager.com
2    74.125.203.148 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f148.1e100.net
ad.doubleclick.net
1    64.233.188.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f156.1e100.net
adservice.google.com
1    64.233.187.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f154.1e100.net
www.googleadservices.com
8    18.65.244.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-122.syd3.r.cloudfront.net
sb.scorecardresearch.com
1    108.158.32.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-72.syd3.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.67.97.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-97-211.syd62.r.cloudfront.net
aax.amazon-adsystem.com
15    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync.taboola.com
sg-trc-events.taboola.com
sg-match.taboola.com
sg-vid-events.taboola.com
sync-t1.taboola.com
1    151.101.194.58 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.temu.com
4    103.43.91.8 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1045.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    35.162.220.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-220-137.us-west-2.compute.amazonaws.com
p1.parsely.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
cds.taboola.com
2    151.101.2.62 (San Francisco, United States)

ASN54113 (FASTLY, US)
reporting-api.gannettinnovation.com
1    23.38.131.47 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-131-47.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    52.64.153.132 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-153-132.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
6    173.194.174.157 (United States)

ASN15169 (GOOGLE, US)
PTR: td-in-f157.1e100.net
pagead2.googlesyndication.com
1    74.125.23.149 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f149.1e100.net
s0.2mdn.net
8    35.213.183.23 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 23.183.213.35.bc.googleusercontent.com
s.ad.smaato.net
1    64.233.188.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f154.1e100.net
googleads.g.doubleclick.net
1    182.161.73.173 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    142.250.157.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ta-in-f132.1e100.net
0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
19    98.82.158.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-158-241.compute-1.amazonaws.com
s.amazon-adsystem.com
2    173.194.174.100 (United States)

ASN15169 (GOOGLE, US)
PTR: td-in-f100.1e100.net
analytics.google.com
2    64.233.189.157 (United States)

ASN15169 (GOOGLE, US)
PTR: tl-in-f157.1e100.net
stats.g.doubleclick.net
pubads.g.doubleclick.net
2    108.177.97.94 (United States)

ASN15169 (GOOGLE, US)
PTR: tm-in-f94.1e100.net
www.google.com.au
1    173.194.174.104 (United States)

ASN15169 (GOOGLE, US)
PTR: td-in-f104.1e100.net
www.google.com
9    35.213.7.90 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 90.7.213.35.bc.googleusercontent.com
x.bidswitch.net
1    64.233.187.132 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f132.1e100.net
tpc.googlesyndication.com
1    108.177.97.95 (United States)

ASN15169 (GOOGLE, US)
PTR: tm-in-f95.1e100.net
fonts.googleapis.com
2    13.236.254.232 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-236-254-232.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
2    151.101.194.62 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.gannett-cdn.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    64.233.187.94 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f94.1e100.net
fonts.gstatic.com
13    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    131.153.206.103 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
6    18.136.28.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-28-10.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    142.250.194.195 (United States)

ASN15169 (GOOGLE, US)
PTR: del12s07-in-f3.1e100.net
csi.gstatic.com
1    72.34.249.210 (Monterey Park, United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    69.173.158.92 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
4    35.186.253.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    23.40.52.90 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-40-52-90.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
24    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    184.31.252.83 (Seoul, Korea, Republic Of)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-252-83.deploy.static.akamaitechnologies.com
cs.media.net
contextual.media.net
1    34.217.197.47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-197-47.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
15    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8    54.169.228.246 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    23.221.132.242 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-132-242.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    183.177.68.210 (Hong Kong)

ASN10310 (YAHOO-1, US)
PTR: e1-ha.ycpi.aue.yahoo.com
ups.analytics.yahoo.com
10    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
jp-u.openx.net
1    23.105.12.159 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
5    103.43.90.178 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    104.18.13.250 (None, )

ASN13335 (CLOUDFLARENET, US)
a.amxrtb.com
2    207.65.33.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    131.153.206.101 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
sync.a-mo.net
3    79.127.230.245 (Singapore, Singapore)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-79-127-230-245.datapacket.com
id.a-mx.com
id.rtb.mx
6    131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
sea1-sync.a-mo.net
1    37.157.6.232 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net
14    67.199.150.82 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
14    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
6    54.153.252.209 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-252-209.ap-southeast-2.compute.amazonaws.com
ad.turn.com
3    44.241.235.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-235-168.us-west-2.compute.amazonaws.com
ap.lijit.com
16    74.125.203.155 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f155.1e100.net
cm.g.doubleclick.net
1    172.64.150.63 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
1    104.18.37.193 (None, )

ASN13335 (CLOUDFLARENET, US)
s.tribalfusion.com
1    103.43.90.53 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
4    35.171.60.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-60-242.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    182.161.73.164 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ssp-sync.criteo.com
1    13.114.23.64 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-23-64.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
2    34.170.123.2 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 2.123.170.34.bc.googleusercontent.com
um.simpli.fi
5    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    8.2.110.97 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    23.106.127.170 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
rtb-csync.smartadserver.com
5    174.129.199.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-199-219.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    108.158.32.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-12.syd3.r.cloudfront.net
cr-p3.ladsp.com
1    124.146.153.163 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    23.221.132.28 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-132-28.deploy.static.akamaitechnologies.com
hbx.media.net
2    185.84.60.23 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net
1    74.121.140.211 (Reston, United States)

ASN30419 (PAEDAE-INC, US)
sync.mathtag.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
11    95.173.218.112 (Praha 10, Czech Republic)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-95-173-218-112.datapacket.com
uipglob.semasio.net
sg.semasio.net
sa.semasio.net
2    37.157.5.49 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
track.adform.net
2    18.139.55.202 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-55-202.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
4    54.169.63.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-63-10.ap-southeast-1.compute.amazonaws.com
pubmatic-match.dotomi.com
stx-match.dotomi.com
3    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    54.147.89.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-89-20.compute-1.amazonaws.com
dt.adsafeprotected.com
1    172.240.35.164 (United States)

ASN7979 (SERVERS-COM, US)
sync.colossusssp.com
2    52.10.74.77 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-74-77.us-west-2.compute.amazonaws.com
cs.yellowblue.io
1    72.34.249.227 (Monterey Park, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    35.212.52.97 (Washington, United States)

ASN19527 (GOOGLE-2, US)
PTR: 97.52.212.35.bc.googleusercontent.com
sync.inmobi.com
2    184.27.43.153 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-27-43-153.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    184.31.253.153 (Seoul, Korea, Republic Of)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-253-153.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    67.199.150.85 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    43.250.0.199 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.sin3.adnexus.net
prebid.adnxs.com
1    207.65.33.86 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
5    72.34.249.225 (Monterey Park, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
taboola-d.openx.net
us-u.openx.net
3    34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com
pixel-sync.sitescout.com
1    52.76.53.230 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-53-230.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
5    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    198.8.71.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    207.65.33.79 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
2    35.213.50.78 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 78.50.213.35.bc.googleusercontent.com
a.sportradarserving.com
9    18.67.110.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-37.syd62.r.cloudfront.net
usr.undertone.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
3    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    151.101.2.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    108.158.20.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-87.syd62.r.cloudfront.net
cdn.undertone.com
2    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    150.171.22.12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    18.180.102.205 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-102-205.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    18.67.175.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-175-104.cgk51.r.cloudfront.net
live.primis.tech
2    108.158.32.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-69.syd3.r.cloudfront.net
sync.intentiq.com
syncv4.intentiq.com
1    54.245.127.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-127-213.us-west-2.compute.amazonaws.com
ce.lijit.com
1    172.64.146.152 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    183.177.68.211 (Hong Kong)

ASN10310 (YAHOO-1, US)
PTR: e2-ha.ycpi.aue.yahoo.com
pbs.yahoo.com
1    47.253.61.56 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
gw-iad-bid.ymmobi.com
3    68.183.122.102 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.cootlogix.com
1    52.72.57.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-57-106.compute-1.amazonaws.com
i.liadm.com
1    35.186.193.173 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA Opera Norway AS, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    151.101.130.58 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.temu.com
2    44.238.143.165 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-143-165.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    13.215.145.61 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-145-61.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    13.213.154.123 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-154-123.ap-southeast-1.compute.amazonaws.com
crb.kargo.com
1    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
Apex Domain
Subdomains		 Transfer
72 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1299
c2.taboola.com — Cisco Umbrella Rank: 16275
display.bidder.taboola.com — Cisco Umbrella Rank: 4260
pm-widget.taboola.com — Cisco Umbrella Rank: 4831
beacon.taboola.com — Cisco Umbrella Rank: 2491
hp.taboola.com — Cisco Umbrella Rank: 38872
trc.taboola.com — Cisco Umbrella Rank: 1185
nr-events.taboola.com — Cisco Umbrella Rank: 20105
sync.taboola.com — Cisco Umbrella Rank: 1807
sg-trc-events.taboola.com — Cisco Umbrella Rank: 45349
cds.taboola.com — Cisco Umbrella Rank: 3039
vidstat.taboola.com — Cisco Umbrella Rank: 5181
images.taboola.com — Cisco Umbrella Rank: 2268
imprsgmp.taboola.com — Cisco Umbrella Rank: 58016
sg-match.taboola.com — Cisco Umbrella Rank: 58807
sg-vid-events.taboola.com — Cisco Umbrella Rank: 54570
vidstatb.taboola.com — Cisco Umbrella Rank: 9374
sync-t1.taboola.com — Cisco Umbrella Rank: 3304
1 MB
62 telegram.com
telegram.com — Cisco Umbrella Rank: 182110
www.telegram.com — Cisco Umbrella Rank: 471961
user.telegram.com
506 KB
39 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 851
image6.pubmatic.com — Cisco Umbrella Rank: 1153
image8.pubmatic.com — Cisco Umbrella Rank: 1072
simage2.pubmatic.com — Cisco Umbrella Rank: 1492
image2.pubmatic.com — Cisco Umbrella Rank: 1521
image4.pubmatic.com — Cisco Umbrella Rank: 2048
simage4.pubmatic.com — Cisco Umbrella Rank: 3759
ow.pubmatic.com — Cisco Umbrella Rank: 3215
36 KB
35 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1479
pixel.rubiconproject.com — Cisco Umbrella Rank: 693
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1650
eus.rubiconproject.com — Cisco Umbrella Rank: 986
token.rubiconproject.com — Cisco Umbrella Rank: 799
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 2619
48 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 324
ad.doubleclick.net — Cisco Umbrella Rank: 234
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
stats.g.doubleclick.net — Cisco Umbrella Rank: 308
pubads.g.doubleclick.net — Cisco Umbrella Rank: 467
cm.g.doubleclick.net — Cisco Umbrella Rank: 429
267 KB
25 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 449
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 1090
aax.amazon-adsystem.com — Cisco Umbrella Rank: 613
s.amazon-adsystem.com — Cisco Umbrella Rank: 454
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1287
106 KB
16 openx.net
rtb.openx.net — Cisco Umbrella Rank: 956
u.openx.net — Cisco Umbrella Rank: 1186
us-u.openx.net — Cisco Umbrella Rank: 884
jp-u.openx.net — Cisco Umbrella Rank: 13571
taboola-d.openx.net — Cisco Umbrella Rank: 12076
4 KB
15 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 923
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1050
11 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
9 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 983
ups.analytics.yahoo.com — Cisco Umbrella Rank: 891
pbs.yahoo.com — Cisco Umbrella Rank: 1643
5 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 668
grid-bidder.criteo.com — Cisco Umbrella Rank: 1590
ssp-sync.criteo.com — Cisco Umbrella Rank: 1418
18 KB
11 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2503
sg.semasio.net — Cisco Umbrella Rank: 12872
sa.semasio.net — Cisco Umbrella Rank: 286094
6 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 464
secure.adnxs.com — Cisco Umbrella Rank: 885
prebid.adnxs.com — Cisco Umbrella Rank: 2266
10 KB
11 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 1055
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1207
dt.adsafeprotected.com — Cisco Umbrella Rank: 844
130 KB
10 undertone.com
usr.undertone.com — Cisco Umbrella Rank: 3635
cdn.undertone.com — Cisco Umbrella Rank: 6261
6 KB
9 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1173
sync.a-mo.net — Cisco Umbrella Rank: 4658
sea1-sync.a-mo.net — Cisco Umbrella Rank: 15864
6 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
3 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 179
0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 245
93 KB
8 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1164
3 KB
8 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 320
5 KB
8 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 952 Failed
3 KB
8 gannett-cdn.com
hlsmedia.gannett-cdn.com — Cisco Umbrella Rank: 32034
www.gannett-cdn.com — Cisco Umbrella Rank: 19269
3 MB
7 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2208
cs.yellowblue.io — Cisco Umbrella Rank: 2746
4 KB
7 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 5712
sync.go.sonobi.com — Cisco Umbrella Rank: 1599
6 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 1263
3 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 737
2 KB
5 adform.net
cm.adform.net — Cisco Umbrella Rank: 2152
c1.adform.net — Cisco Umbrella Rank: 1139
track.adform.net — Cisco Umbrella Rank: 6037
3 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 6288
stx-match.dotomi.com — Cisco Umbrella Rank: 5445
1 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 784
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 988
2 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1161
ce.lijit.com — Cisco Umbrella Rank: 1442
2 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
16 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 828
analytics.google.com — Cisco Umbrella Rank: 279
www.google.com — Cisco Umbrella Rank: 9
127 B
3 cootlogix.com
sync.cootlogix.com — Cisco Umbrella Rank: 2798
1 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 980
1 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1332
972 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 747
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1198
2 KB
3 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1792
757 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1297
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 834
1 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1420
hbx.media.net — Cisco Umbrella Rank: 2880
contextual.media.net — Cisco Umbrella Rank: 1117
2 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 659
fonts.googleapis.com — Cisco Umbrella Rank: 129
407 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 4214
collector.brandmetrics.com — Cisco Umbrella Rank: 4349
21 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 404
1 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1355
1 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1827
syncv4.intentiq.com — Cisco Umbrella Rank: 3098
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1285
701 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3598
980 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 810
835 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 17747
861 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1257
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 2372
s.tribalfusion.com — Cisco Umbrella Rank: 6038
984 B
2 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2699
2 KB
2 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 15458
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1016
675 B
2 google.com.au
www.google.com.au — Cisco Umbrella Rank: 18167
127 B
2 gannettinnovation.com
reporting-api.gannettinnovation.com — Cisco Umbrella Rank: 28174
2 parsely.com
p1.parsely.com — Cisco Umbrella Rank: 4700
516 B
2 temu.com
www.temu.com — Cisco Umbrella Rank: 985
1022 B
2 polarcdn-terrax.com
polarcdn-terrax.com — Cisco Umbrella Rank: 18938
7 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2644
197 KB
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 2089
369 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 1036
656 B
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 6854
430 B
1 liadm.com
i.liadm.com — Cisco Umbrella Rank: 908
208 B
1 ymmobi.com
gw-iad-bid.ymmobi.com — Cisco Umbrella Rank: 4085
424 B
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1531
328 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2479
564 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 715
517 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 18526
651 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1335
734 B
1 rtb.mx
id.rtb.mx — Cisco Umbrella Rank: 6608
831 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 4128
678 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1481
569 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1780
949 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 3266
859 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3992
476 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1811
483 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 7295
422 B
1 amxrtb.com
a.amxrtb.com — Cisco Umbrella Rank: 3331
5 KB
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1549
534 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 1030
606 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 1141
817 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 1223
13 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 555
17 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1752
17 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 135
22 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 122
116 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 2347
797 B
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 nex8.net Failed
cs.nex8.net Failed
0 ad-m.asia Failed
sync-dsp.ad-m.asia Failed
0 clientgear.com Failed
event.clientgear.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 loopme.me Failed
csync.loopme.me Failed
376 95
Domain Requested by
60 www.telegram.com www.telegram.com
ads.pubmatic.com
ssum-sec.casalemedia.com
21 trc.taboola.com cdn.taboola.com
imprsgmp.taboola.com
www.telegram.com
19 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
s.ad.smaato.net
u.openx.net
ads.pubmatic.com
match.sharethrough.com
cs-server-s2s.yellowblue.io
16 cm.g.doubleclick.net 13 redirects u.openx.net
cs-server-s2s.yellowblue.io
16 pixel.rubiconproject.com 12 redirects cs-server-s2s.yellowblue.io
s.ad.smaato.net
15 image8.pubmatic.com 14 redirects ads.pubmatic.com
13 match.adsrvr.org 13 redirects
10 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
10 vidstat.taboola.com cdn.taboola.com
www.telegram.com
9 usr.undertone.com 2 redirects ads.pubmatic.com
cdn.undertone.com
9 x.bidswitch.net 9 redirects
8 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 s.ad.smaato.net 7 redirects s.amazon-adsystem.com
8 ib.adnxs.com 7 redirects www.telegram.com
8 sync.taboola.com 1 redirects imprsgmp.taboola.com
www.telegram.com
s.ad.smaato.net
8 sb.scorecardresearch.com 3 redirects www.telegram.com
8 match.sharethrough.com www.telegram.com
s.amazon-adsystem.com
match.sharethrough.com
cs-server-s2s.yellowblue.io
8 securepubads.g.doubleclick.net www.telegram.com
securepubads.g.doubleclick.net
0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
7 us-u.openx.net 2 redirects u.openx.net
www.telegram.com
sg-match.taboola.com
us-u.openx.net
7 image2.pubmatic.com 5 redirects imprsgmp.taboola.com
ads.pubmatic.com
7 simage2.pubmatic.com 6 redirects ads.pubmatic.com
7 images.taboola.com www.telegram.com
6 eus.rubiconproject.com cs-server-s2s.yellowblue.io
eus.rubiconproject.com
sg-match.taboola.com
cdn.undertone.com
6 sync.go.sonobi.com 1 redirects www.telegram.com
6 ad.turn.com 6 redirects
6 sea1-sync.a-mo.net imprsgmp.taboola.com
ads.pubmatic.com
6 pr-bh.ybp.yahoo.com 4 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
6 pagead2.googlesyndication.com imasdk.googleapis.com
0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
6 hlsmedia.gannett-cdn.com www.telegram.com
6 gum.criteo.com www.telegram.com
cdn.taboola.com
static.criteo.net
gum.criteo.com
5 pixel.tapad.com 3 redirects ads.pubmatic.com
cs-server-s2s.yellowblue.io
5 sg.semasio.net 5 redirects
5 uipglob.semasio.net 4 redirects ads.pubmatic.com
5 cs-server-s2s.yellowblue.io s.ad.smaato.net
cs-server-s2s.yellowblue.io
5 ssp-sync.criteo.com www.telegram.com
5 ups.analytics.yahoo.com 5 redirects
5 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
www.telegram.com
5 pixel.adsafeprotected.com static.adsafeprotected.com
www.telegram.com
0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
4 sync.1rx.io 3 redirects match.sharethrough.com
4 sync.srv.stackadapt.com 4 redirects
4 rtb.openx.net 3 redirects vidstat.taboola.com
us-u.openx.net
4 hp.taboola.com cdn.taboola.com
4 cdn.taboola.com www.telegram.com
cdn.taboola.com
4 static.adsafeprotected.com www.telegram.com
pixel.adsafeprotected.com
0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
3 sync.cootlogix.com 1 redirects cdn.undertone.com
3 match.prod.bidr.io 3 redirects
3 cms.quantserve.com 3 redirects
3 creativecdn.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 sync.inmobi.com 3 redirects
3 image4.pubmatic.com 2 redirects ads.pubmatic.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 ap.lijit.com 3 redirects
3 eb2.3lift.com 3 redirects
3 nr-events.taboola.com c2.taboola.com
www.telegram.com
3 c.amazon-adsystem.com www.telegram.com
c.amazon-adsystem.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 t.adx.opera.com 2 redirects
2 sync-t1.taboola.com www.telegram.com
us-u.openx.net
2 pixel-us-east.rubiconproject.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 a.sportradarserving.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 secure-assets.rubiconproject.com 2 redirects
2 cs.yellowblue.io cs-server-s2s.yellowblue.io
s.ad.smaato.net
2 stx-match.dotomi.com 2 redirects
2 dt.adsafeprotected.com www.telegram.com
2 pubmatic-match.dotomi.com 2 redirects
2 track.adform.net 2 redirects
2 idsync.rlcdn.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 jp-u.openx.net u.openx.net
2 cr-p3.ladsp.com 2 redirects
2 um.simpli.fi 2 redirects
2 secure.adnxs.com 2 redirects
2 id.a-mx.com 1 redirects a.amxrtb.com
2 image6.pubmatic.com ads.pubmatic.com
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 csi.gstatic.com imasdk.googleapis.com
2 prebid.a-mo.net imprsgmp.taboola.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.gannett-cdn.com www.telegram.com
2 sg-vid-events.taboola.com www.telegram.com
vidstat.taboola.com
2 www.google.com.au www.telegram.com
2 analytics.google.com www.googletagmanager.com
2 0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
www.telegram.com
2 reporting-api.gannettinnovation.com www.telegram.com
2 p1.parsely.com www.telegram.com
2 sg-trc-events.taboola.com cdn.taboola.com
2 www.temu.com 1 redirects www.telegram.com
2 ad.doubleclick.net 2 redirects
2 pm-widget.taboola.com cdn.taboola.com
www.telegram.com
2 polarcdn-terrax.com www.telegram.com
2 imasdk.googleapis.com www.telegram.com
imasdk.googleapis.com
2 cdn.confiant-integrations.net www.telegram.com
cdn.confiant-integrations.net
2 cdn.brandmetrics.com www.telegram.com
cdn.brandmetrics.com
1 crb.kargo.com www.telegram.com
1 ads.yieldmo.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 i.liadm.com ssum-sec.casalemedia.com
1 gw-iad-bid.ymmobi.com 1 redirects
1 pbs.yahoo.com cs-server-s2s.yellowblue.io
1 capi.connatix.com cs-server-s2s.yellowblue.io
1 ce.lijit.com cs-server-s2s.yellowblue.io
1 syncv4.intentiq.com s.ad.smaato.net
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com cs-server-s2s.yellowblue.io
1 px.ads.linkedin.com cs-server-s2s.yellowblue.io
1 cdn.undertone.com www.telegram.com
1 cm.ambientdsp.com 1 redirects
1 p.rfihub.com 1 redirects
1 taboola-d.openx.net 1 redirects
1 ow.pubmatic.com www.telegram.com
1 prebid.adnxs.com www.telegram.com
1 id.rtb.mx a.amxrtb.com
1 contextual.media.net cs-server-s2s.yellowblue.io
1 sync.colossusssp.com 1 redirects
1 sa.semasio.net 1 redirects
1 pippio.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 hbx.media.net 1 redirects
1 tg.socdm.com 1 redirects
1 rtb-csync.smartadserver.com s.ad.smaato.net
1 us.ck-ie.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ds.uncn.jp 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 cm.adform.net imprsgmp.taboola.com
1 sync.a-mo.net imprsgmp.taboola.com
1 a.amxrtb.com prebid.a-mo.net
1 ssbsync-us.smartadserver.com 1 redirects
1 jadserve.postrelease.com s.amazon-adsystem.com
1 cs.media.net 1 redirects
1 ads.stickyadstv.com vidstat.taboola.com
1 prebid-server.rubiconproject.com vidstat.taboola.com
1 apex.go.sonobi.com vidstat.taboola.com
1 bh.contextweb.com www.telegram.com
1 vidstatb.taboola.com www.telegram.com
1 sg-match.taboola.com vidstat.taboola.com
1 imprsgmp.taboola.com vidstat.taboola.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com www.telegram.com
1 tpc.googlesyndication.com 0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
1 www.google.com www.telegram.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static.criteo.net www.telegram.com
1 googleads.g.doubleclick.net www.telegram.com
1 s0.2mdn.net imasdk.googleapis.com
1 secure.cdn.fastclick.net www.telegram.com
1 cds.taboola.com cdn.taboola.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com www.telegram.com
1 www.googleadservices.com www.telegram.com
1 adservice.google.com www.telegram.com
1 www.googletagmanager.com www.telegram.com
1 beacon.taboola.com cdn.taboola.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 a.teads.tv www.telegram.com
1 grid-bidder.criteo.com www.telegram.com
1 display.bidder.taboola.com www.telegram.com
1 c2.taboola.com www.telegram.com
1 user.telegram.com
1 telegram.com 1 redirects
0 dps.jp.cinarra.com Failed us-u.openx.net
0 cs.nex8.net Failed us-u.openx.net
0 sync-dsp.ad-m.asia Failed us-u.openx.net
0 event.clientgear.com Failed
0 cs.admanmedia.com Failed s.ad.smaato.net
0 csync.loopme.me Failed ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
376 172
Subject Issuer Validity Valid
telegram.com
R10		 2025-05-03 -
2025-08-01		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M04		 2025-03-26 -
2026-04-25		 a year crt.sh
brandmetrics.com
WE1		 2025-04-18 -
2025-07-17		 3 months crt.sh
*.g.doubleclick.net
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
confiant-integrations.net
WE1		 2025-05-03 -
2025-08-01		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-18 -
2025-07-17		 3 months crt.sh
usatoday.com
R10		 2025-03-27 -
2025-06-25		 3 months crt.sh
upload.video.google.com
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
*.bidder.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-12-31		 a year crt.sh
teads.tv
R10		 2025-05-12 -
2025-08-10		 3 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2025-05-11 -
2026-06-11		 a year crt.sh
polarcdn-terrax.com
WE1		 2025-03-31 -
2025-06-29		 3 months crt.sh
*.google-analytics.com
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
*.googleadservices.com
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2025-03-31 -
2026-04-29		 a year crt.sh
*.parsely.com
R10		 2025-05-04 -
2025-08-02		 3 months crt.sh
gannettinnovation.com
R10		 2025-03-30 -
2025-06-28		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-07 -
2025-08-07		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03		 2025-01-29 -
2026-02-28		 a year crt.sh
*.doubleclick.net
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-11 -
2025-07-04		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2025-02-17 -
2026-02-03		 a year crt.sh
*.google.com
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
*.google.com.au
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
tpc.googlesyndication.com
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
pulsepoint.com
Sectigo RSA Organization Validation Secure Server CA		 2025-04-08 -
2026-05-09		 a year crt.sh
*.gstatic.com
WE2		 2025-04-21 -
2025-07-14		 3 months crt.sh
*.a-mo.net
R10		 2025-04-09 -
2025-07-08		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2025-02-11 -
2026-02-11		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2024-12-06 -
2026-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-04 -
2026-04-03		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-12-25 -
2026-01-07		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M03		 2024-07-31 -
2025-08-30		 a year crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA		 2024-08-13 -
2025-09-11		 a year crt.sh
casalemedia.com
E6		 2025-04-08 -
2025-07-07		 3 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-11-27 -
2025-11-30		 a year crt.sh
a.amxrtb.com
WE1		 2025-03-20 -
2025-06-18		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-27 -
2025-06-18		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M02		 2024-09-29 -
2025-10-28		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-03 -
2025-09-24		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2025-02-04 -
2025-07-30		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2025-03-10 -
2026-04-09		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2024-06-13 -
2025-07-14		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2024-11-11 -
2025-12-11		 a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1		 2025-03-12 -
2025-07-04		 4 months crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2024-07-02 -
2025-07-29		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2025 Q2		 2025-04-16 -
2026-05-18		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2025-01-07 -
2025-12-22		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-07-31 -
2025-08-29		 a year crt.sh
*.prod.apse1.green.ops.kargo.com
Amazon RSA 2048 M02		 2024-11-27 -
2025-12-26		 a year crt.sh

This page contains 44 frames:

Primary Page: https://www.telegram.com/
Frame ID: 67CF9A8235D94D75139CA5BDE9C2568E
Requests: 195 HTTP requests in this frame

Frame: blob://https://www.telegram.com/639e2a8a-c536-42b9-bb40-60dfaed99aa1
Frame ID: B86A14EAFA6F1D33DFC07B2EEB95A1E1
Requests: 1 HTTP requests in this frame

Frame: https://www.temu.com/api/adx/cm/pixel-taboola?id=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
Frame ID: 6277FA469D8E5034C0D90B7C86474437
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.695.1_en.html
Frame ID: 4C3BFBB85CF47AC85EDE36E599D3FEA2
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 43B3C6A5185FE5F1848929A11845AAF7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: CB4ADF15928809EF5F23AA88D0B48D5D
Requests: 1 HTTP requests in this frame

Frame: https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Frame ID: 65C6C065D35DBAD394B63670D063BA49
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&dcc=t
Frame ID: 5F6954BFFECCBCFD5E2DFD7CF6B64BFE
Requests: 1 HTTP requests in this frame

Frame: https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Frame ID: 6C90E694E90EF7B4D23623D837B9BDC6
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegram.com
Frame ID: CCF3CA71BCA63468D30A522A829D5BDC
Requests: 2 HTTP requests in this frame

Frame: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E20A84D778F50E7173885AA3ADA90EF3
Requests: 18 HTTP requests in this frame

Frame: https://sg-match.taboola.com/sync?dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 46FCFFBE09057F3C4149A918E81F51C4
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=922805&campId=2560x1440&pubId=5708625285&chanId=22126653788&placementId=6972963992&pubCreative=138516301572&pubOrder=3751191092&cb=1188325430&adsafe_par&impId=c0f81c18-2f9a-11f0-8398-ae07cd09f6f2&custom2=direct&custom3=home-front&ias_adpath=.gravity-viewable
Frame ID: 46F0658975DD1E74067783DF45DD049D
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 4213A76375EEE7FE14A3F545B4CBAD47
Requests: 4 HTTP requests in this frame

Frame: https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Frame ID: 71340570418D756CAE4E798FBE521687
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: FC0E1571AE7FD1C2B53565C85DD8E611
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 86BE40D5F940008E6E9D7F7367D54DFB
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Frame ID: B782F681CC8484622DCA19DFF8720FF8
Requests: 14 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mcGhKR2JsRTJ1S09fS1oxSy5Mb25sZGpGYlNqT0VQcH5B
Frame ID: 224298AD90C468FCB48EAC479F499C40
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: A346D2FEA168F87EA5E9DB68041D26BD
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6016056465705123898&gdpr=0&gdpr_consent=
Frame ID: FD1E38AF2DD4566C380A4C0657DC7F8A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.telegram.com&gpp=
Frame ID: 6DC34BED276B578C6CA3B3B14B2023F2
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=4945208088227563320&ex=appnexus.com
Frame ID: 2ACF1634E033EDE7D0C9485313C45B1D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3524119969491686977311
Frame ID: 7D9AB8F73A101708B5A9927931913891
Requests: 1 HTTP requests in this frame

Frame: https://nr-events.taboola.com/newsroom/1.0/gannettdigital-telegram/notify-hpp-impression?page.url=https%3A%2F%2Fwww.telegram.com%2F&view.id=161310544407137171&page.dashboard=home&sourceItemType=home&platform=DESK&variant=null&ui=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
Frame ID: 21CD5A644BC4E085E092DF5DE2613CBC
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: FD15EB16499DF99F364AD7C761E7827F
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
Frame ID: 3FB52E8317C21127006F5110A1BE45C5
Requests: 1 HTTP requests in this frame

Frame: https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Frame ID: A8F3630D70C4A7355D13643FEDC6F8FB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Frame ID: C274703F3DC1BAE6E4A618F88730F7C6
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 204077E8A64D98FDECFAFCE435740E49
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11607&uid=KptAALZHeceMtXCFTrGEFLT-
Frame ID: 5F61BC8D61E786869898C629106229B6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engage
Frame ID: 1B53ECE74C3F7EB4B591D98D72BBB8AA
Requests: 20 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4945208088227563320&gdpr=0&gdpr_consent=
Frame ID: FCF1D4C3BF70A95AD5DEE68978C2254B
Requests: 1 HTTP requests in this frame

Frame: https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Frame ID: 2D9CA4355B4DE8A60E2485DECAD097DA
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Frame ID: 9279348F1DDB7374F7E71F2C9FF6D7A1
Requests: 1 HTTP requests in this frame

Frame: https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Frame ID: AC775D4B9B16F1C43D1065059B8E9319
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cNOn-yfZpqxr3_esJN-4qCDfoqtrifesc9qfpeKV
Frame ID: 4604CFDDA99E0E57ACB048AE83C14A26
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aCKiPgAAAKJcegA_
Frame ID: 41E1F138604BE68C8B7CE614B5790A27
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Frame ID: 6F1A87AA2DD681AB734C1BF50A4D5A9E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 993E10EF43DB456F8944D25829C59C08
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 8E976615913050D4EAAB639622EB43DF
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 67AC55B2A34C15EDB886AAB89C426BB8
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Frame ID: 7DB599302C6EB67580B5FD2ABCECCE97
Requests: 10 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Frame ID: 075747085DE83A61E81A38963681E334
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Worcester Telegram : Local News, Politics & Sports in Worcester, MA

Page URL History Show full URLs

  1. http://telegram.com/ HTTP 307
    https://telegram.com/ HTTP 301
    https://www.telegram.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

376
Requests

69 %
HTTPS

0 %
IPv6

95
Domains

172
Subdomains

102
IPs

14
Countries

6545 kB
Transfer

14839 kB
Size

220
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://telegram.com/ HTTP 307
    https://telegram.com/ HTTP 301
    https://www.telegram.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://ad.doubleclick.net/ddm/activity/src=9782452;type=visits;cat=ganne0;u1=telegram.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1292951148040279 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=9782452;dc_pre=CMmV6r2nn40DFdyW6QUdfRkaGw;type=visits;cat=ganne0;u1=telegram.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1292951148040279 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CMmV6r2nn40DFdyW6QUdfRkaGw;type=visits;cat=ganne0;u1=telegram.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1292951148040279
Request Chain 56
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&c5=home&category=home&comscorekw=home_tangent&c6=home&c4=https%3A%2F%2Fwww.telegram.com%2F&c15=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_fpid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_ucfr=&cs_fpit=lo&&cv=4.12&cj=1 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c5=home&category=home&comscorekw=home_tangent&c6=home&c4=https%3A%2F%2Fwww.telegram.com%2F&c15=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_fpid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_ucfr=&cs_fpit=lo&&cv=4.12&cj=1
Request Chain 73
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/ HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
Request Chain 74
  • https://ib.adnxs.com/setuid?entity=584&code=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3D7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%26gdpr%3D0%26gdpr_consent%3D
Request Chain 89
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1747100215513&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1747100215513&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9=
Request Chain 91
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=4&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=4&ns_st_dpt=4&ns_st_ipt=4&ns_st_et=4&ns_st_det=4&ns_st_upc=4&ns_st_dupc=4&ns_st_iupc=4&ns_st_upa=4&ns_st_dupa=4&ns_st_iupa=4&ns_st_lpc=4&ns_st_dlpc=4&ns_st_lpa=4&ns_st_dlpa=4&ns_st_pa=4&ns_ts=1747100215517&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=4&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=4&ns_st_dpt=4&ns_st_ipt=4&ns_st_et=4&ns_st_det=4&ns_st_upc=4&ns_st_dupc=4&ns_st_iupc=4&ns_st_upa=4&ns_st_dupa=4&ns_st_iupa=4&ns_st_lpc=4&ns_st_dlpc=4&ns_st_lpa=4&ns_st_dlpa=4&ns_st_pa=4&ns_ts=1747100215517&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9=
Request Chain 97
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=smaato&gdpr=&gdpr_consent=&f=i&uid=2defe1ac4f
Request Chain 111
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&dcc=t
Request Chain 128
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=trustx&gdpr=&gdpr_consent=&f=i&uid=e028401f-2b8a-4983-9f20-5999437e5cf4
Request Chain 168
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=84210e73-8e70-4ea8-aae0-ad4ef18c8cf9
Request Chain 170
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pqCC7ENE2oTlih6GInWU.lVSNa8j1.ya0voh0Q--~A
Request Chain 173
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d
Request Chain 174
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-.5x.V85E2oT1RcKiMuO4xr3FEBwNAZ1mrUoSmg--~A
Request Chain 192
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=MALUD0BO-1M-8ZKE&ex=d-rubiconproject.com&status=ok
Request Chain 193
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3901018189051804000V10
Request Chain 196
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 199
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mcGhKR2JsRTJ1S09fS1oxSy5Mb25sZGpGYlNqT0VQcH5B
Request Chain 200
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 201
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6016056465705123898&gdpr=0&gdpr_consent=
Request Chain 204
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4945208088227563320&ex=appnexus.com
Request Chain 205
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3524119969491686977311
Request Chain 213
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3DappnexusAst%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=appnexusAst&gdpr=&gdpr_consent=&f=i&uid=4945208088227563320
Request Chain 215
  • https://match.sharethrough.com/universal/v1?supply_id=a6a34444&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dsharethrough%26uid%3D HTTP 302
  • https://sync.a-mo.net/setuid/sharethrough?uid=ae08b51a-8d4a-4366-8bc7-0a58e8754d90&gdpr=0
Request Chain 216
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=MALUD0GT-1P-E43L&gdpr=0&us_privacy=1---
Request Chain 217
  • https://id.a-mx.com/u?gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Damx_com%26uid%3D&A=5a737115-36cb-4ede-8910-c8d66ada0f7a&F=2 HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=amx_com&uid=5a737115-36cb-4ede-8910-c8d66ada0f7a
Request Chain 218
  • https://rtb.openx.net/sync/prebid?gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&r=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=1---&ox_sc=1 HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=openx&uid=b45141da-aad9-470d-a63f-b498fd3c2c48
Request Chain 220
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dpubmatic%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dpubmatic%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 221
  • https://ap.lijit.com/pixel?gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=sovrn&uid=KptAALZHeceMtXCFTrGEFLT-
Request Chain 222
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=appnexus&uid=4945208088227563320
Request Chain 223
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&expiration=1749692218&gdpr=0&gdpr_consent=
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aCKiOosFVsAAMsGdAHV18gAAEnIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDvzQ21ajfP-Mzu41WbGE44&google_cver=1
Request Chain 225
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aCKiOosFVsAAMsGdAHV18gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECj2KJfJol07eKqn22dSy60&google_cver=1
Request Chain 227
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aCKiOosFVsAAMsGdAHV18gAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aCKiOosFVsAAMsGdAHV18gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662137394473015
Request Chain 228
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4945208088227563320
Request Chain 229
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=123&external_user_id=0LdLNqmUWyRyUf4jdQPf-mds5_Y
Request Chain 232
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=7_7X_F80b3VDdVBkVTZEbUVKOXVYOSUyRk1FVlVzWU4lMkZTb1BubEFuTExkOVJFS3YyTSUzRA&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-syBnxJrdHbvWI6tzd28xCGXrqTuGsV0DdqjRSA HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=7_7X_F80b3VDdVBkVTZEbUVKOXVYOSUyRk1FVlVzWU4lMkZTb1BubEFuTExkOVJFS3YyTSUzRA&u=e028401f-2b8a-4983-9f20-5999437e5cf4
Request Chain 233
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d228YZl9EbnRFanVudXlqUTNIYWF2dUZqNDhVenlmRFNrWndRdjZjSmJaYTJRQWk0JTNE%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=228YZl9EbnRFanVudXlqUTNIYWF2dUZqNDhVenlmRFNrWndRdjZjSmJaYTJRQWk0JTNE&u=4945208088227563320&gdpr=0&gdpr_consent=
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-syBnxJrdHbvWI6tzd28xCGXrqTuGsV0DdqjRSA&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dShd-wV9RUHlXYXA5VmZKMDRUaEslMkJrQUhQVndPMFlObFRnJTJGY3lEeDFBd3B6OFFUbyUzRA%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=Shd-wV9RUHlXYXA5VmZKMDRUaEslMkJrQUhQVndPMFlObFRnJTJGY3lEeDFBd3B6OFFUbyUzRA&u=CAESEB1wEPYNQ_rxXjNLYfhspE8&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 235
  • https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2961834579920080504
Request Chain 236
  • https://ds.uncn.jp/mg/0/sync_push HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?dsp=479&buyer_id=v_282e580a-816f-413f-8ea7-e36f54d69c8e
Request Chain 240
  • https://um.simpli.fi/smaato_p HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1001136&dspCookie=41F5D12F86AE4CB083AB2D14A27CCAD6 HTTP 302
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=2defe1ac4f&gdpr=0&gdpr_consent=
Request Chain 241
  • https://sync.1rx.io/usersync2/smaato?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/smaato?zcc=1&cb=1747100220580 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-e8da6c9a-39cf-4d4b-bc1c-fd1bc9b78e44-004&rndcb=1628408852 HTTP 302
  • https://sync.1rx.io/usersync/turn/2961834579920080504?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e8da6c9a-39cf-4d4b-bc1c-fd1bc9b78e44-004?redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspInit%3D1001678%26dspCookie%3DRX-e8da6c9a-39cf-4d4b-bc1c-fd1bc9b78e44-004 HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-e8da6c9a-39cf-4d4b-bc1c-fd1bc9b78e44-004 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=2defe1ac4f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://us.ck-ie.com/smto1.gif?gpp=$GPP_STRING&gpp_sid=$GPP_SID&gdpr=0&gdpr_consent=&us_privacy=$USPrivacy&coppa=$COPPA HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1001914&dspCookie=bfef1ffb556f2ae5797668137b41f955735112b57cc29bdeada46f0f7187c23f HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=2defe1ac4f&gdpr=0&gdpr_consent= HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D2defe1ac4f%26gdpr%3D0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=2defe1ac4f&gdpr=0&gdpr_consent=
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGu5hunwItZJkPjMf8vMfDc&google_cver=1
Request Chain 246
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVwvS4MfgEfqks8AKGiYH-EdXM8AAAGWx0m8VQ
Request Chain 247
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aCKiPMCo8YQAAB.E47EAAAAA
Request Chain 248
  • https://match.adsrvr.org/track/cmf/openx?oxid=4d7f4648-2204-7510-d5e7-6f42ae1c1393&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttd_puid=4d7f4648-2204-7510-d5e7-6f42ae1c1393&gdpr=0&gdpr_consent=
Request Chain 249
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%3Cvsid%3E&gpp=&gpp_sid= HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=3901018189051804000V10
Request Chain 250
  • https://c1.adform.net/serving/cookie/match?party=14&cid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:52f96822-a23c-4700-a816-a286d2e84807&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Request Chain 253
  • https://idsync.rlcdn.com/420486.gif?partner_uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI2QTQ4MzI5LUExQUYtNDI4Mi04RDExLUFEODE1MEZCOUVCMhAAGg0IvMSKwQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8ab4dd5bb338f73ef425a78db1053f562b7450113c99eaba635c42315bba2f28791426b5417dce21&_=2
Request Chain 254
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=26A48329-A1AF-4282-8D11-AD8150FB9EB2&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26A48329-A1AF-4282-8D11-AD8150FB9EB2&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/15927723?&gdpr=0&gdpr_consent=&sInitiator=external&sExtCookieId=26A48329-A1AF-4282-8D11-AD8150FB9EB2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d HTTP 302
  • https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent= HTTP 302
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=4945208088227563320&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6003897296636376560&sInitiator=internal&gdpr=0&gdpr_consent= HTTP 302
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=6003897296636376560&gdpr=0&gdpr_consent=&sInitiator=internal HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=semasio HTTP 302
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=0LdLNqmUWyRyUf4jdQPf-mds5_Y&gdpr=&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=semasio HTTP 302
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=0LdLNqmUWyRyUf4jdQPf-mds5_Y&gdpr=&gdpr_consent= HTTP 302
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6003897296636376560&sInitiator=internal&gdpr=0&gdpr_consent=
Request Chain 255
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=&ct=y
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZBNDgzMjktQTFBRi00MjgyLThEMTEtQUQ4MTUwRkI5RUIy&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC7qFnRKZirf2e4bD2JuNvs&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2fbcf7897b990a6a&is_secure=true&networkId=17100&version=1&nuid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQACsbMBv6wn1wI4t-YyAQEBAQEBAQCXxkjBUQEBAQEBAQEB&expiration=1747186621&nuid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JqSDKaGvQoKNEa2BUPuesg%3D%3D&gdpr=0&gdpr_consent=&google_cm HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEPnno3Qu6WDlI_ErVsbn1pA&google_cver=1
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC7qFnRKZirf2e4bD2JuNvs&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-H8XhCptE2uXNHZUQ437yqIl0I5eHvSw-~A&gdpr=0
Request Chain 259
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C949DC6242884B3DB9970167C506A2FF HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Request Chain 265
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dcolossusssp%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=colossusssp&gdpr=&gdpr_consent=&f=i&uid=395651b3-aa39-46bd-8d4e-d0dd7017dd76
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OTQ3ODYyMjEtYTJmYS00MzIwLWFkMGEtNWVlNzI2MjJjZjY4 HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 268
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=
Request Chain 270
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=94786221-a2fa-4320-ad0a-5ee72622cf68&gdpr=0&gdpr_consent= HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=57e886eb718d0a41&is_secure=true&networkId=44410&version=1&nuid=94786221-a2fa-4320-ad0a-5ee72622cf68&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AQACv-b6UOcFqQIn4JtzAQEBAQEBAQCXxki_egEBAQEBAQEB&expiration=1747186621&nuid=94786221-a2fa-4320-ad0a-5ee72622cf68&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 271
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=58ceaaf5-c766-4c17-869a-d76e43401714&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11563&id=658fd283-c4a9-49a1-86f4-281f5dce3a86
Request Chain 273
  • https://match.sharethrough.com/universal/v1?gdpr=0&gdpr_consent=&supply_id=5926d422 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=ae08b51a-8d4a-4366-8bc7-0a58e8754d90&gdpr=0
Request Chain 274
  • https://sync.go.sonobi.com/us?consent_string=&gdpr=0&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=115667&uid=6b0c2c1a-ae65-41c3-8419-150d092adef4
Request Chain 275
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11596%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D%24UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11596&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=4945208088227563320
Request Chain 277
  • https://s.ad.smaato.net/c/?dspId=1002486&dspCookie=dDUwEa7rkp_s&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.inmobi.com/setuid?bidderID=82&dspUserId=2defe1ac4f HTTP 302
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=7&google_push=&retry= HTTP 302
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=7&google_push=&retry=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-7-b8f550a4-a88a-4aac-bf57-0e5ce92c98e0
Request Chain 278
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11607%26uid%3D%24UID HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11607&uid=KptAALZHeceMtXCFTrGEFLT-
Request Chain 279
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=rise_engage HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engage
Request Chain 281
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-gannett&redirect_domain=www.telegram.com&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=rubicon&uid=MALUD0GT-1P-E43L
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=&expires=365 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=e028401f-2b8a-4983-9f20-5999437e5cf4&google_hm=ZTAyODQwMWYtMmI4YS00OTgzLTlmMjAtNTk5OTQzN2U1Y2Y0&gdpr_consent=&gdpr=0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBUrNMVnQkduB9v2t2pGZJw&google_cver=1&ssp=sonobi&bsw_param=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr_consent=&gdpr=0 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 288
  • https://taboola-d.openx.net/w/1.0/pd HTTP 302
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 289
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155%26partner_url%3Dhttps%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dbs%2526nuid%253D0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155&gdpr=0&gdpr_consent=
Request Chain 290
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1978557999580490258
Request Chain 291
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=9a1db44c9c&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&pubid=9a1db44c9c
Request Chain 292
  • https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=0LdLNqmUWyRyUf4jdQPf-mds5_Y
Request Chain 295
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%23PMUID HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Request Chain 296
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4945208088227563320&gdpr=0&gdpr_consent=
Request Chain 297
  • https://cm.ambientdsp.com/cm/send?vc=pmj&gdpr=0&gdpr_consent= HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=193duivsmdwk HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Request Chain 298
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=adb916ec-2f83-4c04-9029-8d8db71a5702&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D26A48329-A1AF-4282-8D11-AD8150FB9EB2 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Request Chain 299
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&tc=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=UDmvwoLDsDsjv-Tiea23UhVry9eZt40-_Pu8XC0hJ7M&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&tc=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Request Chain 300
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=&__qcmcs=1 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cNOn-yfZpqxr3_esJN-4qCDfoqtrifesc9qfpeKV
Request Chain 301
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aCKiPgAAAKJcegA_
Request Chain 303
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=26A48329-A1AF-4282-8D11-AD8150FB9EB2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=26A48329-A1AF-4282-8D11-AD8150FB9EB2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8c5adefd-e1be-4d28-b777-2b6b5718469d%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttd_puid=8c5adefd-e1be-4d28-b777-2b6b5718469d%2C%2C
Request Chain 306
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=MALUD0GT-1P-E43L HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=MALUD0GT-1P-E43L
Request Chain 308
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MALUD0GT-1P-E43L
Request Chain 309
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=&expires=30
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE7-JVHof3o3JrgXPJFIheU&google_cver=1
Request Chain 311
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YF36X0Wd_tC4PjF9CQDX0cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-IEQU5CxE2oKG0XRkvIMPIrStwwnv40VKA2IDCg--~A
Request Chain 313
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=MALUD0GT-1P-E43L&ex=d-rubiconproject.com&status=ok
Request Chain 314
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYzZmViMTZlZjcyYTU2ZDQ3YTA3NzAwZmNiODVhNjJjY2Y2OGY4OQ
Request Chain 315
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUFMVUQwR1QtMVAtRTQzTA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG-KZtEs5JlafEvAFrAXylw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUFMVUQwR1QtMVAtRTQzTA==&google_push=
Request Chain 317
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADhfE7QRUQAABs2Eliv_w&expires=30
Request Chain 318
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MALUD0GT-1P-E43L
Request Chain 319
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MALUD0GT-1P-E43L HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MALUD0GT-1P-E43L HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MALUD0GT-1P-E43L&ckls=true&ci=gQ96OIZNep&nc=false&trid=1810506396
Request Chain 320
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MALUD0GT-1P-E43L
Request Chain 321
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=MALUD0GT-1P-E43L
Request Chain 322
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=MALUD0GT-1P-E43L&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 323
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange HTTP 302
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MALUD0GT-1P-E43L
Request Chain 325
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-NOSIH6VE2uGooD7JlYMMnVwdtvF1eW2f~A&gdpr_in_effect=0
Request Chain 326
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=taboola&bsw_custom_parameter=e028401f-2b8a-4983-9f20-5999437e5cf4&callback=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D257 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&ssp=taboola&user_id=ym_user_91390131-68be-4814-8f2e-fe620a11996a&bsw_param=e028401f-2b8a-4983-9f20-5999437e5cf4 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 327
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 328
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D39%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=c6e2a932-13e9-4887-a736-6b4a8bcbce97
Request Chain 329
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttl=1749692223
Request Chain 330
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=MALUD0GT-1P-E43L HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=rubiconut&userId=MALUD0GT-1P-E43L
Request Chain 331
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D26A48329-A1AF-4282-8D11-AD8150FB9EB2 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Request Chain 332
  • https://sync.cootlogix.com/api/user/image/55537adc33d1b40300987e8e?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D59%26uid%3D%24%7BvdzUserSyncMacro%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=59&uid=56ef7805-400b-2a7e-dfad-45cda9354750
Request Chain 333
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-Ln54x4pE2uFm2UctwooodRINBa5CN9fdZwUOuW0-~A
Request Chain 334
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155
Request Chain 339
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=MALUD0GT-1P-E43L HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=MALUD0GT-1P-E43L&gdpr=0&us_privacy=1---
Request Chain 342
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=MALUD0GT-1P-E43L HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=MALUD0GT-1P-E43L HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=rubiconut&userId=MALUD0GT-1P-E43L
Request Chain 343
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUID%7D HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=b45141da-aad9-470d-a63f-b498fd3c2c48
Request Chain 348
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADhfE7QRUQAABs2Eliv_w&expiration=1748309824
Request Chain 349
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Z4X6IzCP-3R8iap0M4nlcDeJ_3N836p0ZIwHhsi6
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aCKiOosFVsAAMsGdAHV18gAAEnIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDvzQ21ajfP-Mzu41WbGE44&google_cver=1
Request Chain 351
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=93501e681e984cb98c99bd8ce4e88dd9&expiration=1749692224
Request Chain 352
  • https://t.adx.opera.com/pub/sync?pubid=pub10256699365696&userId=aCKiOosFVsAAMsGdAHV18gAA%264722&gdpr=&us_privacy= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=53130a43f6f4bca1&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10256699365696 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10256699365696 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=225&&external_user_id=OPU5875d76c6e4343c08a532b377af3639c
Request Chain 353
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=aCKiOosFVsAAMsGdAHV18gAA%264722?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=aCKiOosFVsAAMsGdAHV18gAA%264722
Request Chain 363
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=yieldmo&f=i&uid=xIZlGeekixerQEn0mkKX&gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
Request Chain 365
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://www.telegram.com/pbd/setuid?bidder=triplelift&gdpr=&gdpr_consent=&f=i&uid=3524119969491686977311
Request Chain 368
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=UDmvwoLDsDsjv-Tiea23UhVry9eZt40-_Pu8XC0hJ7M&pi=taboola
Request Chain 372
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=UtlEKbrAzcorxzg6r37Ufw==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 374
  • https://pr-bh.ybp.yahoo.com/sync/openx/1948a851-83ea-e6ad-fc64-62788330238c?gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073025&val=y-ommIvilE2p8PY3mNV.WkntSdv7StG_o8LpA-~A
Request Chain 375
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=0LdLNqmUWyRyUf4jdQPf-mds5_Y&gdpr=&gdpr_consent=

376 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.telegram.com/
Redirect Chain
  • http://telegram.com/
  • https://telegram.com/
  • https://www.telegram.com/
196 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5251657bb919c61b181be8b99c0439474b1f2fe6d5a2feedeb7373ed5d4fbc0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
no-store
content-encoding
br
content-length
61229
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 13 May 2025 01:36:54 GMT
document-policy
include-js-call-stacks-in-crash-reports
etag
W/"361f5-0/Y/aS6GtbNOLIgwsm91SJ/8soY"
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
link
<https://user.telegram.com/NTEG-GUP/user/>;rel=preload;as=fetch;crossorigin=use-credentials;fetchpriority=high;nopush;,<https://www.telegram.com/tangstatic/svg/weather/38-q1a2z3e7663062.svg>;rel=preload;as=image;nopush
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
origin-agent-cluster
?1
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
server-timing
gnt_i;desc="07586076759659596215*136557*AU~WA"
strict-transport-security
max-age=63072000;includeSubDomains;preload
vary
Accept-Encoding,User-Agent,Sec-CH-UA-Mobile
x-cache
MISS, HIT, MISS
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
cache-control
max-age=300,private
content-length
0
content-security-policy
upgrade-insecure-requests
date
Tue, 13 May 2025 01:36:53 GMT
document-policy
include-js-call-stacks-in-crash-reports
location
https://www.telegram.com/
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
retry-after
0
vary
User-Agent
x-cache
HIT
/
user.telegram.com/NTEG-GUP/user/ 		830 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://user.telegram.com/NTEG-GUP/user/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2e6053ed1b6328733bb1c25206fd7697ff57e3e41ab08a285b4c8975042b4a7d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

x-clacks-overhead
GNU Terry Pratchett
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:36:54 GMT
x-cache
MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/json
x-served-by
cache-per12622-PER
x-cache-hits
0
x-frame-options
DENY
vary
Cookie, Origin
content-security-policy
frame-ancestors 'none'
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
cross-origin-opener-policy
same-origin
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 varnish
gup-request-id
87b00ebbfe33b4e1dbc17d4a10818950
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
content-length
830
server
nginx
38-q1a2z3e7663062.svg
www.telegram.com/tangstatic/svg/weather/ 		567 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/tangstatic/svg/weather/38-q1a2z3e7663062.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cd3c46b70df0e4bac824fed30198c370c5e936a7cd000e6a7a6dd1700f24b3c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
content-encoding
br
age
2868106
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-cache
HIT, HIT
content-length
320
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Apr 2025 20:07:02 GMT
vary
Accept-Encoding
pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
www.telegram.com/tangstatic/js/ 		198 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c17cc6843c2f2a35e379b75c8256d1911e84809b1200bbbea2c8bedb947a46bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
age
977943
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Tue, 13 May 2025 01:36:54 GMT
last-modified
Thu, 01 May 2025 17:54:26 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
content-length
61244
apstag.js
c.amazon-adsystem.com/aax2/ 		357 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
192e5ebe5d0599945482d0659b1dc0acaf45249af5c7cbb247602c4bf6fc8226

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"59ceee0284cad7e25644678a9eb52f8d"
age
1468
via
1.1 f10eedb52fc0d82204e85d20112deafa.cloudfront.net (CloudFront), 1.1 6eb4925a459e5104745cfd7f77596766.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
yKNhc789lnhsuBEJppWeZrgxEpHMB0qubcukXCbgHb_2V8-XwXUQ7w==
date
Tue, 13 May 2025 01:12:27 GMT
content-type
application/javascript
last-modified
Mon, 12 May 2025 18:19:18 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD62-P3
x-amz-server-side-encryption
AES256
iasPET.1.js
static.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcf00cd9560807936e43f98d96521848750ca505b08849a58d00e13cc0172519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

vary
Accept-Encoding
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
fU2W6OA3Z0za8p6WJ5Ffy6bWaG8eYkIk
etag
W/"8154739d59f60027b338aff6bcd17698"
age
42859
via
1.1 546f1a6cf093f647d0add0b2e5d6ccf4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Mb5wAmUVO9rtdlTQATa4iMytApgzF59rXwiIQlD2sC6JA72FrbcIMA==
date
Mon, 12 May 2025 13:42:37 GMT
content-type
application/javascript
last-modified
Wed, 26 Feb 2025 14:29:56 GMT
server
AmazonS3
x-amz-cf-pop
SFO53-P4
x-amz-server-side-encryption
AES256
gannett_net.js
cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/gannett_net.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d61b1539c6c52e4fba4143ef482f6de54ab7bb7e542699bdbe17c409e4f23fe0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
1581
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L33hSoEEx8AkNgDoFBQM8qmuKE7iqUqz7pBY%2BGwUblXqh31lrd650GJZN57HKgB6Of%2Btbo%2FYCzqU0l9JIOq3dZWxyge3c5BY3uwS5JfK1KEnyBAEWl9%2FxRZmbefrZVRpSEyJ2Vy8"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-ray
93ee6d73ebe23ea8-PER
server-timing
cfL4;desc="?proto=TCP&rtt=707&min_rtt=702&rtt_var=118&sent=6&recv=9&lost=0&retrans=0&sent_bytes=4003&recv_bytes=2304&delivery_rate=6024965&cwnd=253&unsent_bytes=0&cid=6006c15f4c082f42&ts=112&x=0"
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript;charset=utf-8
last-modified
Tue, 13 May 2025 01:10:33 GMT
vary
Accept-Encoding
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
cafe /
Resource Hash
a9bc8d65804406cfea413aded40335dfde7f94c5165edd14f037058170f31c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
904 / 20221 / m202505070101 / config-hash: 2052351561028034098
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:36:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33781
x-xss-protection
0
server
cafe
main-q1a2z37f3c0ca1.min.js
www.telegram.com/tangstatic/js/ 		90 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/tangstatic/js/main-q1a2z37f3c0ca1.min.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c55692917b896faff47e64426324f597c848f364f509cf2c3c97948f4b477756
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
age
451747
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
x-cache
MISS, HIT, HIT
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/javascript
last-modified
Wed, 07 May 2025 20:06:22 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
content-length
34798
loader.js
cdn.taboola.com/libtrc/gannett-network/ 		3 MB
426 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gannett-network/loader.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b734731f17d4044c10b35dc53a79cafe9c596f860267f596988636139b5826c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"d41d593f3562275491642d46f294804d"
x-amz-version-id
P3ZA79mS_bUzpgxiW1epsA_EzdA7p48W
age
5379
x-cache
HIT
date
Tue, 13 May 2025 01:36:54 GMT
last-modified
Tue, 13 May 2025 00:04:50 GMT
x-served-by
cache-per12627-PER
x-cache-hits
0
content-type
application/javascript; charset=utf-8
x-amz-id-2
b+8+CBCTIJNMX3aD0XSzIehtw4tM95snPMyBuVbQvAATdeXfXEnkr2i6WB/fikTJQdbapd4CIt4=
vary
Accept-Encoding
x-amz-replication-status
FAILED
cache-control
private,max-age=14401
x-timer
S1747100214.381868,VS0,VE1
via
1.1 varnish
x-amz-request-id
F4TQXD44CVK8H9BV
accept-ranges
bytes
access-control-allow-origin
*
abp
74
content-length
435136
server
AmazonS3
x-amz-server-side-encryption
AES256
config.js
cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/ 		364 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234a484c18b7a4da4ba042eb3a692bb84c21d10625a643084ae365d2b231c853

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"3f22de7f8e5df8ed18ba4631dbc4a174"
age
39
alt-svc
h3=":443"; ma=86400
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript
last-modified
Tue, 13 May 2025 01:08:20 GMT
vary
Accept-Encoding
x-amz-id-2
3zFkfzSuMazioSRu6THOhM2FmUbaibCHUF/DW/bH0ZZ05cn/0/9+qHC9sTbyRhx/eE8a7BdRnhw=
cache-control
public, max-age=900, stale-while-revalidate=3600
x-amz-request-id
J2J4XJVQYQEHV53X
cf-ray
93ee6d73f8de8ac7-PER
accept-ranges
bytes
content-length
79050
server
cloudflare
x-amz-server-side-encryption
AES256
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09ff51e8da83c9e21d60dfe0362dd8ba6757e563659f1ab043779e1dd5118b4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
ghows-WT-870bac9f-e184-75de-e053-0100007f4eae-480b0b02.jpeg
www.telegram.com/gcdn/authoring/2019/04/21/NTEG/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/2019/04/21/NTEG/ghows-WT-870bac9f-e184-75de-e053-0100007f4eae-480b0b02.jpeg?crop=2415,1365,x0,y263&width=660&height=370&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd779c774737a2331f5ff124bb83dccf1815975e773372dcd257403804058c7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"K161owBzwQlsUa9IELrTpWOPgOgKCAWEseK67KPMvdA"
age
973725
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
52460
83578806007-495964683-1255628329901055-8857210515360883133-n.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/12/NTEG/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/12/NTEG/83578806007-495964683-1255628329901055-8857210515360883133-n.jpg?crop=2047,1152,x0,y383&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4351a826d252d7bd56986c85f2ec8dc4df6a9802544a1bbdc76d0ac62ad2fe2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"pAM+BvbkoTMctuiTZA6pRLQnc1b76DvmD2BZze19NtI"
age
40559
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
5568
83573125007-img-1426-1.jpeg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/11/NTEG/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/11/NTEG/83573125007-img-1426-1.jpeg?crop=3631,2043,x0,y340&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d97c16805f7a040c01922bd2f96d08ce6aa5195805ba5c3cc7728b7d5b88966
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"r3jPgqIoaQscxMzxo0tQN0kXWvXqFS2KYScT0Z4UBe8"
age
93692
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
9806
83535434007-caitlin-mc-carthy-mom.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/09/NTEG/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/09/NTEG/83535434007-caitlin-mc-carthy-mom.jpg?crop=1999,1126,x0,y236&width=210&height=118&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d95fdd2d1e96a6cffe5812ad4c8239bf1577e5bccbbdc8bb19bd2b1b36124f53
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"woK9aib12mVaPPS0SEtwipNqRv9kuPvdyd06KrVAKKE"
age
55766
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
6474
83514385007-1-gs-03282.JPG
www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/PIND/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/PIND/83514385007-1-gs-03282.JPG?crop=8043,4524,x0,y419&width=660&height=371&format=pjpg&auto=webp&quality=40
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5692d857a5158f9631fb4e57913a16f78550a2e5e1748cb5029607a4a5a7665
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"zMdew8r5whp8nt08pgX7sZPqBn1lB72cq+S+Df9voUY"
age
147855
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
6726
json
gum.criteo.com/sid/ 		360 B
944 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&pbt=1&lsw=1&topUrl=https%3A%2F%2Fwww.telegram.com%2F&domain=www.telegram.com
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
66666979b07edac2f09a2a80bee2462aed9e9108e0cd23412652eb3dbf80a5e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
482582
expires
0
access-control-allow-origin
https://www.telegram.com
date
Tue, 13 May 2025 01:36:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
adx
securepubads.g.doubleclick.net/gampad/ 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/adx?t=position%3Dnative-front_tile&iu=7103%2Fma-worcester-C6718%2Fnative-front_tile%2Fhomepage&sz=2x3&cust_params=utm_props%3D%7C%7C%26navigationtype%3Ddirect%26cst_section%3Dhomepage%26pageType%3Dhome-front%26property%3DNTEG%26sitepage%3DNTEG%2Fhome%26ssts_section%3Dhome%26aam_props%3Dtangent-desktop%7Cdesktop%7Chomefront%26build%3Dtangent-desktop%26fs%3D1%26gnt_sb%3D15%26gnt_ub%3D73%26variant%3D0150_C&pageId=1747100214251_965745308&tfcd=0&c=315092899642937
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
cafe /
Resource Hash
0610b722754b2060c2a6e37b06caa574049e9ea5bd0ca3e93ae5a2c9a3104ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
google-lineitem-id
5530045802
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/html; charset=UTF-8
google-creative-id
138329820277
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.telegram.com
content-length
2347
x-xss-protection
0
server
cafe
newsroom.js
c2.taboola.com/nr/gannettdigital-telegram/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/gannettdigital-telegram/newsroom.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fb968b59b75a32e51e0d734a96ecb8484d65c52b5e28929ba97842117a5f302

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"165765ab5698b962f0b3db2373155762"
x-amz-version-id
null
age
0
access-control-allow-methods
GET, HEAD, POST
x-cache
HIT
date
Tue, 13 May 2025 01:36:55 GMT
last-modified
Fri, 24 Jan 2025 18:24:26 GMT
content-type
application/javascript
x-served-by
cache-per12625-PER
x-cache-hits
0
x-amz-id-2
ddi3T/9YJ9f0ADmuBNGttAZSFDQXQP+RuiUn7udV4cqV5q0sT6doRGUOFvK/aRKFfOmB+0cBVvs=
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=14400
x-timer
S1747100214.495951,VS0,VE508
via
1.1 varnish
x-amz-request-id
S60R5RMM47R4VAJ7
accept-ranges
bytes
access-control-allow-origin
*
content-length
17780
server
AmazonS3
x-amz-server-side-encryption
AES256
global-q1a2z3ozsBpGfp9W84Jl6keIsaoYV1RXQ.min.json
www.telegram.com/ 		8 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/global-q1a2z3ozsBpGfp9W84Jl6keIsaoYV1RXQ.min.json
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e81f803ec5d847037afc33fd5d186d6eb5718441a66dee2f139fd9f0be400a77
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
W/"ozsBpGfp9W84Jl6keIsaoYV1RXQ"
age
1253155
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/json; charset=utf-8
feature-policy
camera 'none';display-capture 'none';geolocation 'none';microphone 'none';payment 'none';usb 'none';xr-spatial-tracking 'none'
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';object-src 'none'
cache-control
public,immutable,max-age=315360000
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
cross-origin-resource-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
script-src https: blob: 'unsafe-inline' 'unsafe-eval' 'self';base-uri 'self';report-uri https://reporting-api.gannettinnovation.com;report-to default
permissions-policy
camera=(),display-capture=(),geolocation=(),microphone=(),payment=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
content-length
1697
x-xss-protection
1; mode=block
origin-agent-cluster
?1
main.js
www.telegram.com/gcdn/dcjs/prod/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/gcdn/dcjs/prod/main.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d28cbab65889a35ed2833e0fb12c9247079b80d48ff7a972ef30b24477b118b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"377e7f57193bf8cdc4b864cc99cf5b4c"
age
369893
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
last-modified
Thu, 08 May 2025 18:51:59 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=3800
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
document-policy
include-js-call-stacks-in-crash-reports
accept-ranges
bytes
access-control-allow-origin
*
content-length
15532
83516566007.webvtt.m3u8
hlsmedia.gannett-cdn.com/_captions/ 		151 B
380 B 		Other
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/_captions/83516566007.webvtt.m3u8
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
477deb4efb95e902d59fe353e9982a535a6858b08e96aaec8d5135c2ca3a8455

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

fastly-stats
otfp=1
x-timer
S1747100215.517551,VS0,VE0
age
27387
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
151
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/x-mpegurl
x-served-by
cache-iad-kjyo7100030-IAD, cache-per12626-PER
server
otfp
x-cache-hits
330, 16
ias-3.5.1.min.js
www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/ias/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/ias/ias-3.5.1.min.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ec7fb38dc02cbe463429e410e7dc633ce5ab60c62c0315a39402594fbea4bf39
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"2da89163c9ea3ab73a481d439b443f2a"
age
3603642
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript
last-modified
Tue, 30 Jul 2019 20:30:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
document-policy
include-js-call-stacks-in-crash-reports
content-length
5228
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		450 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.170.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
tc-in-f95.1e100.net
Software
cafe /
Resource Hash
cc5c00324a14a300e4d79186b44c6c7edd00e5346f2b01f39638a13fb3e185b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
3130166300152169872
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:36:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
145376
x-xss-protection
0
server
cafe
streamsense-5.1.1.160316.min.js
www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/comscore/ 		88 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/comscore/streamsense-5.1.1.160316.min.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e0f3e088896d15c5b2d1a0396fe84159eeee608a535c6f4e62992c927e8434f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"a0c60599a9512a64d6caa9126cf57de4"
age
2664692
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript
last-modified
Tue, 30 Jul 2019 21:59:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
document-policy
include-js-call-stacks-in-crash-reports
content-length
14269
hls.1.2.8.min.js
www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/hls/ 		336 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/hls/hls.1.2.8.min.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5980f09e5cb8857d98a18c0cfbe2df38121660591a1895178a9498f10562e470
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"369a64cc5e9fe50d54fc81683d5e7ed2"
age
3855339
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript
last-modified
Tue, 06 Dec 2022 19:33:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
document-policy
include-js-call-stacks-in-crash-reports
content-length
82670
tangent-bundle-2d8382b3.min.js
www.telegram.com/gcdn/gannett-web/apps/teal/dist/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/tangent-bundle-2d8382b3.min.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
663c0f7a1a47e617a7cdca5fa1811089f8d71187f4776819acb588ff1057d8a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"53590f2ff8965f75076fe21cceef8ba7"
age
4037629
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript
last-modified
Wed, 29 Jan 2025 18:55:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, immutable, max-age=315360000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
document-policy
include-js-call-stacks-in-crash-reports
content-length
18966
71597358007-loc-fire-truck-2.jpg
www.telegram.com/gcdn/authoring/authoring-images/2023/11/15/NTEG/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2023/11/15/NTEG/71597358007-loc-fire-truck-2.jpg?crop=1320,1319,x400,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fcce7e97d0bbdac55dc90c9b24c5278a5fdcd496735b3413a3055aa0f7ed5105
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"x/S8igQ3go3LZ0jZAV5OHPTe/m8tnRes39wf4FUfK20"
age
31954
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-amz-meta-mtime
1700081720.351
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-amz-meta-md5chksum
mt3wZ7F64wn/EcHi/kFMxA==
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
2034
83576504007-then-now-0512-promo.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/12/NTEG/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/12/NTEG/83576504007-then-now-0512-promo.jpg?crop=1352,1351,x200,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7e1149726c77d57ba2a21187da7fed5aa1996ab3f40f45a9f0b311ee54c0555
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"MNShSATox5tT/4cQlkhK3pw3YXb4JYW9zRUXggeBOU4"
age
54344
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1720
83512091007-clara.png
www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/NTEG/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/NTEG/83512091007-clara.png?crop=599,600,x0,y119&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe76acee770b0eee3f87904b865c1d53b0cd6e8c8ae715a33e7636c517823a51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"oT1U4AKMwztwC+nUAovXJLPCR4VfZKVm0keDejb9/zY"
age
144552
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1504
83525536007-img-7911.jpeg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/09/NTEG/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/09/NTEG/83525536007-img-7911.jpeg?crop=3024,3023,x403,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97336e0a476d36ccc186b228330d7176dbcbf89df965d2115b6222113c730290
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"4p9uuBMEZKtAwgjGpvyCsFkpCBliHUy3MS0wWcMlXK8"
age
205460
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
2522
83545455007-ice-protest-may-9-2025.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/10/NWOR/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/10/NWOR/83545455007-ice-protest-may-9-2025.jpg?crop=1440,1439,x0,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb722e282b6bf8169532684f7150fa60413f937424457b717289dd14ecd58370
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"h8yksq1/7iCVDgA+3g50M/t2sPel7BEuXl5d8yaWHSg"
age
254752
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1890
cookie_sync
www.telegram.com/pbd/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/pbd/cookie_sync
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9f78e4d188c3ae490f497f283095dc4b02184e8f5519642556a01d45d207be1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-per12622-PER
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100214.458033,VS0,VE56
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block
auction
www.telegram.com/pbd/openrtb2/ 		20 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/pbd/openrtb2/auction
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2160ddade86aac5f114c63d444e34cf01d429d47022974fc651235e0a4376e5e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
observe-browsing-topics
?1
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/json
vary
accept-encoding
x-cache-hits
0
x-served-by
cache-per12622-PER
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1747100214.471677,VS0,VE652
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block
auction
display.bidder.taboola.com/OpenRTB/TaboolaHB/ 		0
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction?publisher=1774981
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

x-openrtb-version
0.0
x-envoy-upstream-service-time
4
x-timer
S1747100215.563932,VS0,VE90
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-cache
MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/json;charset=utf-8
x-served-by
cache-per12628-PER
server
nginx
x-cache-hits
0
x-nlb
nlb-bidder602
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 		0
488 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.30.0&cb=69395402724&lsavail=1&networkId=1493
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.172 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.telegram.com
date
Tue, 13 May 2025 01:36:54 GMT
vary
Origin
server
Kestrel
bid-request
a.teads.tv/hb/ 		439 B
797 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.201 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6881ee301afb23521140db5092aadaa1ccaa218e5e052be7dbc49f6c0dc94f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
Tue, 13 May 2025 01:36:55 GMT
access-control-allow-origin
https://www.telegram.com
content-length
320
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/json
vary
Accept-Encoding
auction
www.telegram.com/pbd/openrtb2/ 		353 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/pbd/openrtb2/auction
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90231d77f7f22c07ebd97dc0d2e8066c9d0fdf52902e03b7d6a62829768f8072
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
observe-browsing-topics
?1
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/json
vary
accept-encoding
x-cache-hits
0
x-served-by
cache-per12622-PER
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
timing-allow-origin
*
cache-control
no-store
x-timer
S1747100214.478465,VS0,VE442
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block
eUdPVnUvb0YzczUvcC9odHRwcyUzQSUyRiUyRnd3dy50ZWxlZ3JhbS5jb20lMkYvJTdCJTIydmlzaXRvcklkJTIyJTNBJTIyYmM3OGU1ZTktNzUwNS00NTQyLTg3MjEtYmU0OWRjYzc0MzYyJTIyJTJDJTIyZXZlbnRUeXBlJTIyJTNBJTIyaG9tZS1wYWdlLXZpZ...
www.telegram.com/ 		7 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/eUdPVnUvb0YzczUvcC9odHRwcyUzQSUyRiUyRnd3dy50ZWxlZ3JhbS5jb20lMkYvJTdCJTIydmlzaXRvcklkJTIyJTNBJTIyYmM3OGU1ZTktNzUwNS00NTQyLTg3MjEtYmU0OWRjYzc0MzYyJTIyJTJDJTIyZXZlbnRUeXBlJTIyJTNBJTIyaG9tZS1wYWdlLXZpZXclMjIlMkMlMjJyZWZlcnJlclVyaSUyMiUzQSUyMiUyMiUyQyUyMnVzZXJJbmZvJTIyJTNBJTdCJTIydXNlcklkJTIyJTNBJTIyOGY1YmM5NTMtM2JhNi00MTg0LTg3YzUtYjdlMTI3Y2M0ZDJhJTIyJTdEJTJDJTIyYXR0cmlidXRlcyUyMiUzQSU3QiUyMnNpdGVfY29kZSUyMiUzQSU3QiUyMnRleHQlMjIlM0ElNUIlMjJOVEVHJTIyJTVEJTdEJTJDJTIycGxhdGZvcm0lMjIlM0ElN0IlMjJ0ZXh0JTIyJTNBJTVCJTIydGFuZ2VudCUyMiU1RCU3RCU3RCU3RA
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
server-timing
gfet4t7; dur=541
x-cache
MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/gif
vary
Origin,Referer
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
x-frame-options
DENY
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
cache-control
no-store
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
cross-origin-opener-policy
same-origin
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
content-length
7
x-xss-protection
1;mode=block
origin-agent-cluster
?1
NTEG-TEALIUM-TANGENT.json
www.telegram.com/gcdn/dcc/prod/ 		29 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/gcdn/dcc/prod/NTEG-TEALIUM-TANGENT.json
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/gcdn/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9d19ee53cd3c1b78270b5e1f5a0fd85e7a9d128546c7816b5dd978a8122fdef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"40e063ff3b1420a0d4913be9387c3aab"
age
39136
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
last-modified
Tue, 06 May 2025 21:32:06 GMT
content-type
application/json
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=3800
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
document-policy
include-js-call-stacks-in-crash-reports
accept-ranges
bytes
access-control-allow-origin
*
content-length
5410
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.telegram.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/f5e47f5ae82e4c48bbc1a7f9281ed95b/gannett_net.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c26af6aca61fd970a9677edfce26ed421b7c690743d3b142efbd80495bbe2e3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpLg8Brd5pSZFhuwRLsBapSgXmvIrrmFhEOKWJBixlGBVEBjn%2BfsOZKkPoX0d7EepcMngUDkhZE5lcxLibJza7afS6MGCSzp1gCdCEsD4tn8AN%2F0BrwDqcTudXXlZTUu7KPoBblS"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-ray
93ee6d74acf13ea8-PER
server-timing
cfL4;desc="?proto=TCP&rtt=2220&min_rtt=687&rtt_var=3084&sent=11&recv=13&lost=0&retrans=0&sent_bytes=6851&recv_bytes=2450&delivery_rate=6024965&cwnd=257&unsent_bytes=0&cid=6006c15f4c082f42&ts=227&x=0"
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript;charset=utf-8
last-modified
Tue, 13 May 2025 01:20:22 GMT
vary
Accept-Encoding
server
cloudflare
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202505081041/ 		337 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202505081041/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/r5TdgVvkbv-PeaJCKaQfCh5Xsto/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5524d239c17c80b98ab3ce31e7a5df59ff442569bfb57bdbe21ad79afd5fdd13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"bcfb28b0541662840d8faa2843be7d1b"
age
377122
alt-svc
h3=":443"; ma=86400
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 08 May 2025 16:47:14 GMT
vary
Accept-Encoding
x-amz-id-2
Y/O/GqdVLUVHBF0tnOsY/+/JGnWZJlATMMiBuZh1C1Pag39W5HzkxHUL1JDjzlm7XChDAYM6xjM=
cache-control
public, max-age=31536000
x-amz-request-id
X161PR0JM1VMA70E
cf-ray
93ee6d758a458ac7-PER
accept-ranges
bytes
content-length
121407
server
cloudflare
x-amz-server-side-encryption
AES256
v1
match.sharethrough.com/FGMrCMMc/ 		0
0
c.js
collector.brandmetrics.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.telegram.com&rnd=1589430&json
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=6384de98-7e2a-4671-b441-6ea4cb092952&toploc=www.telegram.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Access-Control-Allow-Origin
https://www.telegram.com
Content-Length
0
Date
Tue, 13 May 2025 01:36:55 GMT
Content-Type
application/json
Vary
Origin
Access-Control-Allow-Credentials
true
43c8c81881c449419d409e59578facfd
polarcdn-terrax.com/nativeads/v1.4.0/json/creative/promofeed/ 		14 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://polarcdn-terrax.com/nativeads/v1.4.0/json/creative/promofeed/43c8c81881c449419d409e59578facfd?fragment=7
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.136.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e43a63a8d592b8e1c057c99a30de20409378e1bf5cc7a40869c176acef4f1aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
max-age=300
timing-allow-origin
*
content-encoding
gzip
access-control-expose-headers
X-Country, CF-Ray
etag
W/"56cca547d0894d6933b4c3170688f6b3"
cf-ray
93ee6d76ad98863d-PER
access-control-allow-origin
*
date
Tue, 13 May 2025 01:36:55 GMT
x-country
AU
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
cloudflare
load.js
pm-widget.taboola.com/gannett-network/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/gannett-network/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b00f4e66cb48d7b0d89774476dea3b2b346e380f958b0761f6a81c82076fb975

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-amz-version-id
EoypuQM_dU6kMdxeDe0meivb5AUGIptz
etag
"510f07a75cc96225bee70291a5d8fb37"
age
5
x-cache
HIT
date
Tue, 13 May 2025 01:36:54 GMT
last-modified
Thu, 06 Mar 2025 11:11:11 GMT
x-served-by
cache-per12624-PER
x-cache-hits
1
content-type
application/javascript; charset=utf-8
x-amz-id-2
m4YCcMBPBzsNsghc5U0ZX05CHG9ujsjA/AJ/N67RDElq6UskhmIavRg0aD6qPAft1hCPi/T0DI8=
vary
Accept-Encoding,
cache-control
max-age=3600
x-timer
S1747100215.884663,VS0,VE1
via
1.1 varnish
x-amz-request-id
DF2P64J19S52MK86
accept-ranges
bytes
access-control-allow-origin
*
content-length
1680
server
AmazonS3
sync
gum.criteo.com/ 		46 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
388291
expires
60
date
Tue, 13 May 2025 01:36:54 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
/
beacon.taboola.com/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.taboola.com/?ab=trecs&pub=gannettdigital-telegram&trecsImpl=before&start=0&end=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.com/

Response headers

cache-control
private, no-store
retry-after
0
x-timer
S1747100215.029087,VS0,VE0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-cache
HIT
date
Tue, 13 May 2025 01:36:55 GMT
content-type
x-served-by
cache-per12627-PER
server
Varnish
x-cache-hits
0
json
hp.taboola.com/gannettdigital-telegram/trc/3/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/gannettdigital-telegram/trc/3/json?llvl=2&tim=09%3A36%3A54.804&lti=trecs&pubit=n&t=1&data=%7B%22id%22%3A%2237164%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1747100214804%2C%22cv%22%3A%2220250512-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22ad%22%3A%7B%22hp4uGetRegions%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8294%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Top%20Headlines%22%2C%22orig_uip%22%3A%22HP%20Top%20Headlines%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20More%20Top%20Stories%22%2C%22orig_uip%22%3A%22HP%20More%20Top%20Stories%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20More%20Top%20Stories%3Dorganic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%2CHP%20Top%20Headlines%3Dorganic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22usrtyp%22%3A%22guest%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1747094670937%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F12%2Fworcester-city-hall-closed-council-meeting%2F83588292007%2F%22%2C%22%2Fstory%2Fbusiness%2F2025%2F05%2F12%2Fbrodys-diner-shrewsbury-crash%2F83578363007%2F%22%2C%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F11%2Fprotesters-fill-common-in-reaction-to-recent-ice-raid-arrests-by-pd%2F83569696007%2F%22%2C%22%2Fstory%2Fnews%2F2025%2F05%2F10%2Fworcesters-caitlin-mccarthy-demands-apology-from-fda-on-use-of-des%2F83519776007%2F%22%5D%7D&tbu=afcb2006-3de7-4134-8fbe-e637a0ce20ff
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
32cf4c2a344ac4742305dd2aef97130ac0e78cc469b2a7f62436ac0af2ae1744

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-per12624-PER
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
79489
x-timer
S1747100215.955712,VS0,VE196
x-vcl-time-ms
196
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.6289583333333334
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505070101/ 		533 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505070101/pubads_impl.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
cafe /
Resource Hash
d85d8045c3323bb6c38be62d519945902d89cbcbb967df83eb2fb96c5e20fe1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
3475695901111260459
age
4568
x-content-type-options
nosniff
expires
Wed, 13 May 2026 00:20:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 13 May 2025 00:20:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
171751
x-xss-protection
0
server
cafe
639e2a8a-c536-42b9-bb40-60dfaed99aa1
https://www.telegram.com/ Frame B86A 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.telegram.com/639e2a8a-c536-42b9-bb40-60dfaed99aa1
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202505081041/wrap.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02523659c8495313995f313f55d3f7542a70b96e84350aa2769059d9f3537603

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
application/javascript
Content-Length
2991
sd
www.telegram.com/gciaf/prod/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/gciaf/prod/sd
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/gcdn/dcjs/prod/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.telegram.com/

Response headers

report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
x-cache
MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
application/json; charset=utf-8
feature-policy
autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
vary
Origin,Referer
x-frame-options
DENY
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
no-store
timing-allow-origin
*
cross-origin-opener-policy
same-origin
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
permissions-policy
autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		332 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.188.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
387b8c3e63ed8f329be606d3d616e4f8cad48596c2040aa638b9c73896d3784e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires
Tue, 13 May 2025 01:36:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1075:0
content-length
117956
x-xss-protection
0
server
Google Tag Manager
p-q1a2z32AvpW5NZ.min.js
www.telegram.com/gcdn/dcjs/prod/p/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/gcdn/dcjs/prod/p/p-q1a2z32AvpW5NZ.min.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4e8cfde282fd024d54edff75ca3608cc1f2ed38c56b2ee3829257df1b58e70a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"87fbfda2750410690ebcd42aa75c8ab9"
age
2785696
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
last-modified
Thu, 19 Sep 2024 18:03:48 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
public,immutable,max-age=315360000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
document-policy
include-js-call-stacks-in-crash-reports
accept-ranges
bytes
access-control-allow-origin
*
content-length
17361
;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1292951148040279
adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CMmV6r2nn40DFdyW6QUdfRkaGw;type=visits;cat=ganne0;u1=telegram.com/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=9782452;type=visits;cat=ganne0;u1=telegram.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1292...
  • https://ad.doubleclick.net/ddm/activity/src=9782452;dc_pre=CMmV6r2nn40DFdyW6QUdfRkaGw;type=visits;cat=ganne0;u1=telegram.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;...
  • https://adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CMmV6r2nn40DFdyW6QUdfRkaGw;type=visits;cat=ganne0;u1=telegram.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;g...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CMmV6r2nn40DFdyW6QUdfRkaGw;type=visits;cat=ganne0;u1=telegram.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1292951148040279
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Server
64.233.188.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 13 May 2025 01:36:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 13 May 2025 01:36:55 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"13329691544144774376"}],"aggregatable_trigger_data":[{"filters":[{"14":["89171070"]}],"key_piece":"0xca5f5d52d16774d7","source_keys":["12","13","14","15","16","17","18","19","20","21","27839736","27839737","27839738","27839739","905555844","905555845","905555846","905555847"]},{"key_piece":"0xdd8c9712623ed233","not_filters":{"14":["89171070"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","27839736","27839737","27839738","27839739","905555844","905555845","905555846","905555847"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"27839736":43,"27839737":43,"27839738":43,"27839739":4237,"34790676":163,"34790677":163,"34790678":163,"34790679":15892,"647443660":655,"647443661":655,"647443662":655,"647443663":63569,"905555844":65,"905555845":65,"905555846":65,"905555847":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"8614484216804161038","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13329691544144774376","filters":[{"14":["89171070"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"13329691544144774376","filters":[{"14":["89171070"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"13329691544144774376","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"13329691544144774376","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9782452"]}}
content-type
image/png
cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://adservice.google.com/ddm/fls/z/src=9782452;dc_pre=CMmV6r2nn40DFdyW6QUdfRkaGw;type=visits;cat=ganne0;u1=telegram.com/;u3=home;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=0;gdpr=;gdpr_consent=;ord=1;num=1292951148040279
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
0
x-xss-protection
0
server
cafe
conversion_async.js
www.googleadservices.com/pagead/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.187.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f154.1e100.net
Software
cafe /
Resource Hash
2ca0d41ccde59292175bbe73b990102bceb36e16bd961785bc7674a5923249b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
7106414181866715500
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:36:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 13 May 2025 01:36:55 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
23007
x-xss-protection
0
server
cafe
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&c5=home&category=home&comscorekw=home_tangent&c6=home&c4=https%3A%2F%2Fwww.telegram.com%2F&c15=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_fpid=8f5bc9...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c5=home&category=home&comscorekw=home_tangent&c6=home&c4=https%3A%2F%2Fwww.telegram.com%2F&c15=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_fpid=8f5bc...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&c5=home&category=home&comscorekw=home_tangent&c6=home&c4=https%3A%2F%2Fwww.telegram.com%2F&c15=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_fpid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_ucfr=&cs_fpit=lo&&cv=4.12&cj=1
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
18.65.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-122.syd3.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
eiQetkD2gKw_epdaaZzW-FSEo4jclhZct0zLvWsqp-bF9L5AS3fpHA==
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P1

Redirect headers

location
/p2?c1=2&c2=6035223&c5=home&category=home&comscorekw=home_tangent&c6=home&c4=https%3A%2F%2Fwww.telegram.com%2F&c15=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_fpid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&cs_ucfr=&cs_fpit=lo&&cv=4.12&cj=1
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
mF3pyfDKmr53Ffm_xiMsgh9TTr8FBdJaFuLWILCeH4pz9B9_RfgE9g==
date
Tue, 13 May 2025 01:36:55 GMT
x-amz-cf-pop
SYD3-P1
pmk-20220605.22.js
pm-widget.taboola.com/gannett-network/ 		84 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/gannett-network/pmk-20220605.22.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c0440363490d06208dd1e4e0b9bbea4d73a2ce3802099cf2241c06e4bb95b7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-amz-version-id
HfyfdzVYpHmFytlxS.SpICUsxchycAUJ
etag
"25b9a8b6889e3f70b908edb56c66e9f2"
age
621040
access-control-allow-methods
GET,POST,PUT
x-cache
HIT
date
Tue, 13 May 2025 01:36:55 GMT
last-modified
Thu, 06 Mar 2025 11:11:10 GMT
x-served-by
cache-per12625-PER
x-cache-hits
62
content-type
application/javascript; charset=utf-8
x-amz-id-2
ujbHOgbz8bqt9yQEuXSEvZjxvmUGk5Oro5o5A5wPStasA3OpRnvrxF5/l2i1rwi6y0MalbW13KKnX6UEol09ElUcRJBurE/qW7JZWr8yUAo=
vary
Accept-Encoding, ,Origin
cache-control
max-age=31536000
x-timer
S1747100215.181651,VS0,VE0
via
1.1 varnish
x-amz-request-id
N9KBZ66J0DKFTN9D
accept-ranges
bytes
access-control-allow-origin
*
content-length
24277
server
AmazonS3
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-92.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
9097
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Zd8dn6s1va17ZPa-4NpxDKUqvwO1J4QafeogjXLc7p0bJszGPXxkeQ==
date
Mon, 12 May 2025 23:19:35 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 8dadf490fcfee4214b49a3509dc76616.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
SYD62-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
3062
config.aps.amazon-adsystem.com/configs/ 		531 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3062
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.32.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-72.syd3.r.cloudfront.net
Software
CloudFront /
Resource Hash
67aa9c00bb722eab161c27a43a42bb4fe100b5f510bcf1b24df876ec2afcfe8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
max-age=3600
age
1088
via
1.1 af9df879c48ca18a8b67eda7edecc4a4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
z_vrHkYjRTHHnnK--23I4jGNpsNaSglU5iIMSzvNeLLnhf25sHbUuw==
date
Tue, 13 May 2025 01:18:47 GMT
content-type
application/javascript
x-amz-cf-pop
SYD3-P2
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		641 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3062&u=https%3A%2F%2Fwww.telegram.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.21.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-21-92.syd62.r.cloudfront.net
Software
Server /
Resource Hash
f3e3353bd01e767ff59da7875dc275115913898a536f5542349fcce15b66a48b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
9797
access-control-allow-credentials
true
via
1.1 6eb4925a459e5104745cfd7f77596766.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.telegram.com
x-cache
Hit from cloudfront
content-length
641
x-amz-cf-id
QQJ65Tsynq1JY_pBUzvSxViOM5svXkpxtVtsr1fzFarNadxQ3Mx-oA==
date
Mon, 12 May 2025 22:53:37 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
SYD62-P3
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		231 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3062&u=https%3A%2F%2Fwww.telegram.com%2F&pid=qqyaSKcTxn0JL&cb=0&ws=1600x1200&v=25.508.1943&t=1500&slots=%5B%7B%22sd%22%3A%22ad-slot-7103-ma-worcester-C6718-high_impact-homepage-1-ac1%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fma-worcester-C6718%2Fhigh_impact%2Fhomepage%2F1%22%7D%2C%7B%22id%22%3A%22videoPlayer_plcmt2%22%2C%22mt%22%3A%22v%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-ma-worcester-C6718-inline_flex-homepage-2-ac1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F7103%2Fma-worcester-C6718%2Finline_flex%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-ma-worcester-C6718-poster_front-homepage-5-ac1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F7103%2Fma-worcester-C6718%2Fposter_front%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-ma-worcester-C6718-poster_scroll_front-homepage-6-ac1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%2C%22sn%22%3A%22%2F7103%2Fma-worcester-C6718%2Fposter_scroll_front%2Fhomepage%2F1%22%7D%2C%7B%22sd%22%3A%22ad-slot-7103-ma-worcester-C6718-leaderboard_btf-homepage-10-ac1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F7103%2Fma-worcester-C6718%2Fleaderboard_btf%2Fhomepage%2F1%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sg=%7B%22ortb2%22%3A%7B%22site%22%3A%7B%22name%22%3A%22The+Worcester+Telegram+%26+Gazette%22%2C%22domain%22%3A%22telegram.com%22%2C%22cattax%22%3A7%2C%22cat%22%3A%5B%221020%22%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22page%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22mobile%22%3A1%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22telegram.com%22%7D%2C%22keywords%22%3A%22%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22brandsafety%22%3A%22%22%2C%22section%22%3A%22homepage%22%2C%22subsection%22%3A%22%22%2C%22topic%22%3A%5B%22%22%5D%7D%7D%7D%7D%7D&sm=5ac496e5-2139-4020-a0d7-8e9dbe162ab9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&rt=j
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.97.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-97-211.syd62.r.cloudfront.net
Software
Server /
Resource Hash
4a4870b07852c150659378fa26175236f01f7cac7bb6ea0509102c10f90c19e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 482a1ea4dd283bc043aa76fee74514f6.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.telegram.com
x-cache
Miss from cloudfront
content-length
210
x-amz-cf-id
F7qh9t42ZYwOmtE6iZo6zuRRwTfLzW-Av1xUDsdP9XvDueRqQd5_yQ==
date
Tue, 13 May 2025 01:36:54 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
SYD62-P1
server
Server
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age
148
x-cache
HIT
date
Tue, 13 May 2025 01:36:55 GMT
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
x-served-by
cache-per12627-PER
x-cache-hits
491
content-type
application/javascript
x-amz-id-2
KkAQxGI3UpBOXG9ELDm5gGs0GqDysM8FjLixF84OVLMxBvu12FZKs75BAruFfvyRgN10lw5+U+U=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private, max-age=3600
x-timer
S1747100215.282119,VS0,VE0
via
1.1 varnish
x-amz-request-id
BDQMCB3XE2XFBDX6
accept-ranges
bytes
access-control-allow-origin
*
abp
44
content-length
1347
server
AmazonS3
x-amz-server-side-encryption
AES256
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
age
6542
x-cache
HIT
date
Tue, 13 May 2025 01:36:55 GMT
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
x-served-by
cache-per12627-PER
x-cache-hits
1604596
content-type
application/javascript
x-amz-id-2
mRB8o42cR97kKO/5HPoK84KTiF3GwGGd8gnsP3PPC5XtThYUQFvfAaftB+TOkRtIn8PkUnEJlow=
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
private,max-age=14400
x-timer
S1747100215.282727,VS0,VE0
via
1.1 varnish
x-amz-request-id
8W0B1VHAAFR6MMPT
accept-ranges
bytes
access-control-allow-origin
*
abp
69
content-length
125
server
AmazonS3
json
hp.taboola.com/gannettdigital-telegram/trc/3/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/gannettdigital-telegram/trc/3/json?llvl=2&tim=09%3A36%3A55.260&lti=trecs&pubit=n&t=1&data=%7B%22id%22%3A%2256544%22%2C%22sd%22%3A%22v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100215_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA%22%2C%22ui%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1747100214804%2C%22cv%22%3A%2220250512-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8294%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20News%20Bundle%22%2C%22orig_uip%22%3A%22HP%20News%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Sports%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Sports%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20News%20Bundle%3Dorganic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%2CHP%20Sports%20Bundle%3Dorganic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22usrtyp%22%3A%22guest%22%2C%22_cn%22%3A%22tions_2%22%2C%22lbt%22%3A1747094670937%2C%22uifp%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F12%2Fworcester-city-hall-closed-council-meeting%2F83588292007%2F%22%2C%22%2Fstory%2Fbusiness%2F2025%2F05%2F12%2Fbrodys-diner-shrewsbury-crash%2F83578363007%2F%22%2C%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F11%2Fprotesters-fill-common-in-reaction-to-recent-ice-raid-arrests-by-pd%2F83569696007%2F%22%2C%22%2Fstory%2Fnews%2F2025%2F05%2F10%2Fworcesters-caitlin-mccarthy-demands-apology-from-fda-on-use-of-des%2F83519776007%2F%22%5D%7D&tbu=afcb2006-3de7-4134-8fbe-e637a0ce20ff
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e2522b065cefa424e8d9eacc85d5f7c20deb3d31cb5cdcca78f1057e7baf511

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-per12624-PER
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
82133
x-timer
S1747100215.292903,VS0,VE159
x-vcl-time-ms
159
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.5758333333333333
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
pubs-generic
trc.taboola.com/gannettdigital-telegram/log/3/ 		0
95 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/log/3/pubs-generic?route=SG%3ASG%3AV&lti=trecs&ri=7aeb81b1b80240e056c8a1637457dbd2&sd=v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100215_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7&pi=%2F&wi=1259362818905553127&pt=home&vi=1747100214804&tim=09%3A36%3A55.254&id=23757&llvl=2&cv=20250512-4-RELEASE&tbu=afcb2006-3de7-4134-8fbe-e637a0ce20ff&d=%7B%22data%22%3A%22%7B%5C%22type%5C%22%3A%5C%22SUCCESS%5C%22%2C%5C%22reason%5C%22%3A%5C%22swapInitialized%5C%22%7D%22%2C%22type%22%3A%22fallback%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/gif
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
83395
pragma
no-cache
x-timer
S1747100215.310528,VS0,VE85
x-vcl-time-ms
85
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
event-tracker
trc.taboola.com/gannettdigital-telegram/log/3/ 		0
94 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/log/3/event-tracker?ri=7aeb81b1b80240e056c8a1637457dbd2&sd=v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100215_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7&pi=%2F&wi=1259362818905553127&pt=home&vi=1747100214804&tim=09%3A36%3A55.259&id=61147&llvl=2&cv=20250512-4-RELEASE&route=SG%3ASG%3AV&lti=trecs&tvi48=23831&tvi50=20575&tvi62=18148&tbu=afcb2006-3de7-4134-8fbe-e637a0ce20ff&d=%7B%22type%22%3A%22event-tracker-data%22%2C%22data%22%3A%7B%22publisherUnitsList%22%3A%5B%7B%22eventType%22%3A%22init%22%7D%5D%7D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/gif
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
79467
pragma
no-cache
x-timer
S1747100215.311115,VS0,VE82
x-vcl-time-ms
82
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
83496653007-loc-ralphs-then.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/07/NTEG/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/07/NTEG/83496653007-loc-ralphs-then.jpg?crop=1213,1212,x393,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
000084bbc4f7080d08fd4b597d645d61e5ae5880a8651aea7dc5c9b080abf8cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"XnevpvlXnmCpRd4feZ0GpcF8Fi6TLFr94a0wVr1mpfM"
age
144627
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1352
76944124007-12122024-mv-attleboro-mayor-6.JPG
www.telegram.com/gcdn/authoring/authoring-images/2024/12/12/NENT/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2024/12/12/NENT/76944124007-12122024-mv-attleboro-mayor-6.JPG?crop=4285,4285,x873,y6&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
50d41a2274b00e3ffbff806ca81b2f2e9fd98d99a7695ecd9fb2c7c497ac4717
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"LoUgq9t1IqMFg0mUMx3wmmV0xqHvcVKs8uLf2gPIDUY"
age
146056
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
2356
ghows_gallery-CC-602009999-bbfd1dcb.jpg
www.telegram.com/gcdn/-mm-/aa3b9d3c9cbd93aa72c8102815e60bbacb595d61/c=990-0-2658-1668/local/-/media/2020/09/17/Hyannis/ 		994 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/-mm-/aa3b9d3c9cbd93aa72c8102815e60bbacb595d61/c=990-0-2658-1668/local/-/media/2020/09/17/Hyannis/ghows_gallery-CC-602009999-bbfd1dcb.jpg?crop=smart&fit=crop&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bfa4ffdc90db2bae494a756134d132551c28c2dcac857ac60342743fdd30c43a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"0z6uncUA03CObNAf25HRdccP3OT//puZPmmk+5VToFA"
age
232590
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=31536000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
994
74084724007-usatsi-13455352.jpg
www.telegram.com/gcdn/authoring/authoring-images/2024/06/13/PWIL/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2024/06/13/PWIL/74084724007-usatsi-13455352.jpg?crop=2518,2517,x691,y0&width=75&height=75&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c045bb35b9198ba263c207840a7cf676e75985fad10bbe0aceef046803c2280
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"2C61yp9GpI4E6Rqv6lgfiXGWPQblBQ5o41GaIaoSv3M"
age
583785
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1210
pubs-generic
trc.taboola.com/gannettdigital-telegram/log/3/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/log/3/pubs-generic?route=SG%3ASG%3AV&lti=trecs&ri=7aeb81b1b80240e056c8a1637457dbd2&sd=v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100215_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7&pi=%2F&wi=1259362818905553127&pt=home&vi=1747100214804&tim=09%3A36%3A55.267&id=24758&llvl=2&cv=20250512-4-RELEASE&tbu=afcb2006-3de7-4134-8fbe-e637a0ce20ff&d=%7B%22data%22%3A%22%7B%5C%22type%5C%22%3A%5C%22MEASUREMENT%5C%22%2C%5C%22reason%5C%22%3A%5C%22hp4uFirstCardSwapped%5C%22%2C%5C%22message%5C%22%3A%5C%221923.10%5C%22%7D%22%2C%22type%22%3A%22fallback%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/gif
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
84300
pragma
no-cache
x-timer
S1747100215.311967,VS0,VE86
x-vcl-time-ms
86
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
get-action
nr-events.taboola.com/newsroom/1.0/gannettdigital-telegram/ 		132 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/gannettdigital-telegram/get-action?page.url=https%3A%2F%2Fwww.telegram.com%2F&view.id=161310544407137171&page.template=home&page.dashboard=home&ui=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/gannettdigital-telegram/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
616c5b6de68c1c0fdcc13b4cab29ef36efb72fbe1df2f3c04ff02d10759ed2ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

tbl-x-upstream
10.34.49.236:80
access-control-allow-methods
GET,POST,PUT
x-cache
MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/json;charset=UTF-8
x-served-by
cache-per12627-PER
x-cache-hits
0
vary
Origin
x-envoy-upstream-service-time
115
x-timer
S1747100215.313625,VS0,VE200
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-application-context
front-page-event-server:production
content-length
132
server
nginx
pixel-taboola
www.temu.com/api/adx/cm/ Frame 6277
Redirect Chain
  • https://sync.taboola.com/sg/temurtbnative-network/1/rtb/
  • https://www.temu.com/api/adx/cm/pixel-taboola?id=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.temu.com/api/adx/cm/pixel-taboola?id=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.194.58 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 13 May 2025 01:36:56 GMT
x-served-by
cache-per12624-PER
x-cache-hits
0
vary
accept-encoding
strict-transport-security
max-age=31536000
yak-timeinfo
1747100216203|4
x-timer
S1747100216.075631,VS0,VE262
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
via
1.1 varnish
x-gateway-request-id
1747100216203-47e13a79fbe2630ff18a69bd54731e0d-20
accept-ranges
none
cip
103.108.231.246
server
nginx

Redirect headers

x-fastly-to-nlb-rtt
46644
location
https://www.temu.com/api/adx/cm/pixel-taboola?id=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
date
Tue, 13 May 2025 01:36:55 GMT
server
nginx
access-control-allow-credentials
true
bounce
ib.adnxs.com/ Frame 6277
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=584&code=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3D7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%26gdpr%3D0%26gdpr_consent%3D
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3D7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
103.43.91.8 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1045.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.246; 103.108.231.246; 1045.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
a2531721-34e2-41e7-b5d2-3185535f9d11
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 13 May 2025 01:36:56 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D584%26code%3D7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%26gdpr%3D0%26gdpr_consent%3D
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
103.108.231.246; 103.108.231.246; 1045.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
ebdba889-f426-4c08-b425-b78d12f29242
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 13 May 2025 01:36:56 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
social
sg-trc-events.taboola.com/gannettdigital-telegram/log/3/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sg-trc-events.taboola.com/gannettdigital-telegram/log/3/social?lti=trecs&ri=7aeb81b1b80240e056c8a1637457dbd2&sd=v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100215_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA&ui=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7&pi=%2F&wi=1259362818905553127&pt=home&vi=1747100214804&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.telegram.com%2Ftangstatic%2Fsites%2Fnteg%2Fog-image-q1a2z3ba2c7e6c.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

access-control-allow-origin
https://www.telegram.com
cache-control
no-cache
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:56 GMT
pragma
no-cache
server
nginx
access-control-allow-credentials
true
notify-impression
nr-events.taboola.com/newsroom/1.0/gannettdigital-telegram/ 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/gannettdigital-telegram/notify-impression?page.url=https%3A%2F%2Fwww.telegram.com%2F&view.id=161310544407137171&page.template=home&page.dashboard=home&ui=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-envoy-upstream-service-time
0
tbl-x-upstream
10.34.1.86:80
x-timer
S1747100215.491267,VS0,VE86
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
x-application-context
front-page-event-server:production
date
Tue, 13 May 2025 01:36:55 GMT
x-served-by
cache-per12624-PER
server
nginx
x-cache-hits
0
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1747100215327&plid=2e7bae94-2450-4b82-b8ac-8ad2b628a7b7&idsite=telegram.com&url=https%3A%2F%2Fwww.telegram.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22sevenDayReturn%22%3Afalse%2C%22userStatus%22%3A%22unauthenticated%22%2C%22userType%22%3A%22anonymous%22%7D&tagManager=gciAnalytics%3Aprod%3A0.407.2%3ANTEG-TEALIUM-TANGENT&sid=1&surl=https%3A%2F%2Fwww.telegram.com%2F&sref=&sts=1747100215321&slts=0&title=Worcester+Telegram+%3A+Local+News%2C+Politics+%26+Sports+in+Worcester%2C+MA&date=Tue+May+13+2025+09%3A36%3A55+GMT%2B0800+(Australian+Western+Standard+Time)&action=pageview&pageDomain=www.telegram.com&js=1&pvid=788e478f-a379-4cfe-9736-511808452297&u=pid%3Da8d2a097-3fe0-40e8-8656-f978f309845c
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.220.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-220-137.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

Cache-Control
no-cache
Content-Length
43
Date
Tue, 13 May 2025 01:36:56 GMT
Content-Type
image/gif
Last-Modified
Tuesday, 13-May-2025 01:36:56 GMT
Server
nginx
Connection
keep-alive
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

access-control-allow-origin
*
cache-control
no-store
date
Tue, 13 May 2025 01:36:56 GMT
server
nginx
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202505080101/ 		64 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202505080101/gpt
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
cafe /
Resource Hash
2f4e461046f3bb7885829e48f8dab784f2b1e65c8a115742488762af28829d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
5808547447683133843
age
38134
x-content-type-options
nosniff
expires
Mon, 19 May 2025 15:01:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 12 May 2025 15:01:21 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23401
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202505080101"
client-logs
reporting-api.gannettinnovation.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reporting-api.gannettinnovation.com/client-logs
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/main-q1a2z37f3c0ca1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.telegram.com/

Response headers
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.131.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-131-47.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
etag
"d734-5f2f3919e751f-gzip"
expires
Tue, 13 May 2025 01:51:55 GMT
accept-ranges
bytes
content-length
17407
date
Tue, 13 May 2025 01:36:55 GMT
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
pub
pixel.adsafeprotected.com/services/ 		855 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=922805&slot=%7Bid:ad-slot-7103-ma-worcester-C6718-high_impact-homepage-1-ac1,s:1000.250,p:7103/ma-worcester-C6718/high_impact/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-ma-worcester-C6718-inline_flex-homepage-2-ac1,s:300.250,p:7103/ma-worcester-C6718/inline_flex/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-ma-worcester-C6718-poster_front-homepage-5-ac1,s:300.250,p:7103/ma-worcester-C6718/poster_front/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-ma-worcester-C6718-poster_scroll_front-homepage-6-ac1,s:300.250,p:7103/ma-worcester-C6718/poster_scroll_front/homepage,t:display%7D&slot=%7Bid:ad-slot-7103-ma-worcester-C6718-leaderboard_btf-homepage-10-ac1,s:728.90,p:7103/ma-worcester-C6718/leaderboard_btf/homepage,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=dcb2677a-8c00-db61-4bc7-b3ccd8faf5c1&url=https%253A%252F%252Fwww.telegram.com%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.64.153.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-153-132.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
90c0e6385ebdfec465a8c98359ccff1bfe84e02525feb1bfe6c3799d892ccb17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

access-control-allow-origin
https://www.telegram.com
access-control-expose-headers
X-Server-Name
timing-allow-origin
*
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/json
access-control-allow-credentials
true
iasADX.js
static.adsafeprotected.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/iasADX.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-amz-version-id
S08nbEMSQBiWsSqdAKl6yaGPRyD0riRA
etag
W/"c700d1e14608af0f21adaf6e08ac2cf5"
age
292914
x-cache
Hit from cloudfront
x-amz-cf-id
kkoncesLOkftXcO5TBskJn_Vcc-9sbOG3HraqOBrNnhzy63sR7m1pQ==
date
Fri, 09 May 2025 16:15:02 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 14 Feb 2022 12:59:56 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=604800
via
1.1 546f1a6cf093f647d0add0b2e5d6ccf4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_m&anid:922805&sessionId:dcb2677a-8c00-db61-4bc7-b3ccd8faf5c1
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.64.153.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-153-132.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 13 May 2025 01:36:55 GMT
pragma
no-cache
content-type
image/gif
83514385007-1-gs-03282.JPG
www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/PIND/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/PIND/83514385007-1-gs-03282.JPG?crop=8043,4524,x0,y419&width=660&height=371&format=pjpg&auto=webp&quality=40
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/main-q1a2z37f3c0ca1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5692d857a5158f9631fb4e57913a16f78550a2e5e1748cb5029607a4a5a7665
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"zMdew8r5whp8nt08pgX7sZPqBn1lB72cq+S+Df9voUY"
age
147855
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:54 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
6726
bridge3.695.1_en.html
imasdk.googleapis.com/js/core/ Frame 4C3B 		832 KB
263 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.695.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.170.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
tc-in-f95.1e100.net
Software
sffe /
Resource Hash
afea105e2021c43fa7d4e5244c93981f34c1b3c53dcaade1f774dcbef177c496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
467271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
268458
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 07 May 2025 15:49:05 GMT
expires
Thu, 07 May 2026 15:49:05 GMT
last-modified
Wed, 30 Apr 2025 15:32:54 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 43B3 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f157.1e100.net
Software
sffe /
Resource Hash
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
231
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Tue, 13 May 2025 02:33:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:33:04 GMT
last-modified
Tue, 19 Nov 2024 15:43:57 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
15725
x-xss-protection
0
server
sffe
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.23.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tg-in-f149.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:36:56 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
16746
date
Tue, 13 May 2025 01:36:56 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_s...
43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1747100215513&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
18.65.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-122.syd3.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
O79uk4j0ej4_JBMgZnAHyTjiD0B-HHBhWfCguFG7V_Gn7E-cDzRH-w==
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P1

Redirect headers

location
/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1747100215513&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=4&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9=
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
qRy_ru0Y2JhKmJTbfz9SlF5dGkY7jFx_3ty7opqmYovvUbKRAuT67Q==
date
Tue, 13 May 2025 01:36:55 GMT
x-amz-cf-pop
SYD3-P1
/
p1.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1747100215517&plid=2e7bae94-2450-4b82-b8ac-8ad2b628a7b7&idsite=telegram.com&url=https%3A%2F%2Fwww.telegram.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22sevenDayReturn%22%3Afalse%2C%22userStatus%22%3A%22unauthenticated%22%2C%22userType%22%3A%22anonymous%22%7D&tagManager=gciAnalytics%3Aprod%3A0.407.2%3ANTEG-TEALIUM-TANGENT&sid=1&surl=https%3A%2F%2Fwww.telegram.com%2F&sref=&sts=1747100215321&slts=0&date=Tue+May+13+2025+09%3A36%3A55+GMT%2B0800+(Australian+Western+Standard+Time)&action=videostart&metadata=%7B%22duration%22%3A62000%2C%22image_url%22%3A%22%22%2C%22pub_date_tmsp%22%3A%22%22%2C%22title%22%3A%22IndyStar+2025+Sports+Mom+of+the+Year+opens+arms+to+all+Lawrence+North+students%22%2C%22author%22%3A%22Grace+Smith%22%2C%22section%22%3A%22sports%22%2C%22tags%22%3A%5B%22tag%3AHigh+School+Sports%22%2C%22ssts%3Asports%3Ahigh-school%22%5D%2C%22video_platform%22%3A%22TealPlayerDefault%22%2C%22link%22%3A%2283516566007%22%7D&pvid=788e478f-a379-4cfe-9736-511808452297&vsid=cdb54c2c-d6f3-40ed-8329-d3458545b720&u=pid%3Da8d2a097-3fe0-40e8-8656-f978f309845c
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.220.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-220-137.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

Cache-Control
no-cache
Content-Length
43
Date
Tue, 13 May 2025 01:36:56 GMT
Content-Type
image/gif
Last-Modified
Tuesday, 13-May-2025 01:36:56 GMT
Server
nginx
Connection
keep-alive
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_s...
43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=4&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=4&ns_st_dpt=4&ns_st_ipt=4&ns_st_et=4&ns_st_det=4&ns_st_upc=4&ns_st_dupc=4&ns_st_iupc=4&ns_st_upa=4&ns_st_dupa=4&ns_st_iupa=4&ns_st_lpc=4&ns_st_dlpc=4&ns_st_lpa=4&ns_st_dlpa=4&ns_st_pa=4&ns_ts=1747100215517&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
18.65.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-122.syd3.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
d6WtUSBWkvmVFi2nHs7GJdBmHZAKQkKXF6RVMTXtVqJWtifCnzBT3Q==
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P1

Redirect headers

location
/p2?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=4&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=4&ns_st_dpt=4&ns_st_ipt=4&ns_st_et=4&ns_st_det=4&ns_st_upc=4&ns_st_dupc=4&ns_st_iupc=4&ns_st_upa=4&ns_st_dupa=4&ns_st_iupa=4&ns_st_lpc=4&ns_st_dlpc=4&ns_st_lpa=4&ns_st_dlpa=4&ns_st_pa=4&ns_ts=1747100215517&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9=
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
KOqeCSE6cxI6_TvFB4sZcL009QtiWhSr48QLg1YJ7rFZNsKI1gFBYw==
date
Tue, 13 May 2025 01:36:55 GMT
x-amz-cf-pop
SYD3-P1
json
hp.taboola.com/gannettdigital-telegram/trc/3/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/gannettdigital-telegram/trc/3/json?llvl=2&tim=09%3A36%3A55.535&lti=trecs&pubit=n&t=1&data=%7B%22id%22%3A%2284908%22%2C%22sd%22%3A%22v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100215_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA%22%2C%22ui%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1747100214804%2C%22cv%22%3A%2220250512-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8294%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Entertainment%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Entertainment%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Life%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Life%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Entertainment%20Bundle%3Dorganic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%2CHP%20Life%20Bundle%3Dorganic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22usrtyp%22%3A%22guest%22%2C%22_cn%22%3A%22tions_3%22%2C%22lbt%22%3A1747094670937%2C%22uifp%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F12%2Fworcester-city-hall-closed-council-meeting%2F83588292007%2F%22%2C%22%2Fstory%2Fbusiness%2F2025%2F05%2F12%2Fbrodys-diner-shrewsbury-crash%2F83578363007%2F%22%2C%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F11%2Fprotesters-fill-common-in-reaction-to-recent-ice-raid-arrests-by-pd%2F83569696007%2F%22%2C%22%2Fstory%2Fnews%2F2025%2F05%2F10%2Fworcesters-caitlin-mccarthy-demands-apology-from-fda-on-use-of-des%2F83519776007%2F%22%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39bb74908ba1e7a9da4405c0636194d47fde7ba8a5786dd6c405e6ab48572c69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-per12624-PER
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
79450
x-timer
S1747100216.561657,VS0,VE173
x-vcl-time-ms
173
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.6289583333333334
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
83540777007-new-pope-1.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/09/NTEG/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/09/NTEG/83540777007-new-pope-1.jpg?crop=619,348,x0,y248&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53a8b7c563d032bf1badf0221f5bea70fda125da3fd2bb33e4a0862f187d0c14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"n9FjQxxON6+TdI/+NWo2iPcVXLH7C+8QEhIkXFd49lI"
age
145797
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
5316
7805ce95-4801-421f-ad61-ad4f955d0d11-AERIAL_06_BB.JPG
www.telegram.com/gcdn/presto/2022/01/05/NPRJ/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/presto/2022/01/05/NPRJ/7805ce95-4801-421f-ad61-ad4f955d0d11-AERIAL_06_BB.JPG?crop=1999,1125,x0,y91&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8142670e0628237a356dcea7be7f385fb496850d03100243cbaeeba4aa6b176
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"lXx7ehE/tPC+/hwKupReP8+aQJxNVHE4CXlmIs2TFC8"
age
42957
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
4006
71597358007-loc-fire-truck-2.jpg
www.telegram.com/gcdn/authoring/authoring-images/2023/11/15/NTEG/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2023/11/15/NTEG/71597358007-loc-fire-truck-2.jpg?crop=1999,1125,x0,y0&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41af82ef4407a0800db364b17ddc8aa779a9fca336f17a2d6627c801e70f7e5b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"a6Pt0rW5jDRHkLzD3GdQVajuIcWaIxSGAU19kAJKFA4"
age
31957
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-amz-meta-mtime
1700081720.351
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-amz-meta-md5chksum
mt3wZ7F64wn/EcHi/kFMxA==
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
4192
83525536007-img-7911.jpeg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/09/NTEG/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/09/NTEG/83525536007-img-7911.jpeg?crop=4031,2268,x0,y0&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1bb8595f791d266d79ffb6a5f221bca184125458acf43d4bdc87b13b72024f09
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"R4LFhAVNKoz25B9isMp7yxZ2GcCbPAfPHO/V1XFxe5Y"
age
205461
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
6014
setuid
www.telegram.com/pbd/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID&gdpr=&gdpr_consent=
  • https://www.telegram.com/pbd/setuid?bidder=smaato&gdpr=&gdpr_consent=&f=i&uid=2defe1ac4f
86 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/pbd/setuid?bidder=smaato&gdpr=&gdpr_consent=&f=i&uid=2defe1ac4f
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/png
vary
accept-encoding
x-served-by
cache-per12622-PER
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100217.865867,VS0,VE51
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block

Redirect headers

via
1.1 google
cache-control
no-cache, must-revalidate
location
https://www.telegram.com/pbd/setuid?bidder=smaato&gdpr=&gdpr_consent=&f=i&uid=2defe1ac4f
content-length
5
date
Tue, 13 May 2025 01:36:56 GMT
content-type
text/plain; charset=utf-8
681e397e2058f9d8df4ee58a
polarcdn-terrax.com/image/v1.0.0/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://polarcdn-terrax.com/image/v1.0.0/bin/681e397e2058f9d8df4ee58a?v=2ace1&h=120&w=120&autocrop=1
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.136.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b64ae6a7e1e6fea86665658af9a91204ba10d484b1e7c364e7b4cb428dea8c8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

access-control-max-age
432000
cf-bgj
h2pri
cf-cache-status
HIT
access-control-allow-methods
GET
x-varnish
2058407660
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/jpeg
last-modified
Mon, 12 May 2025 13:21:29 GMT
vary
Accept-Encoding
cache-control
public, max-age=432000
timing-allow-origin
*
via
1.1 varnish
cf-ray
93ee6d7c491a863d-PER
accept-ranges
bytes
access-control-allow-origin
*
content-length
3614
server
cloudflare
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/994302621/?random=1747100215753&cv=9&fst=1747100215753&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.telegram.com%2F&tiba=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.188.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tk-in-f154.1e100.net
Software
cafe /
Resource Hash
ff8f800ebaea556915e26410971140d023c034dc24211c0734000cca5b0c5be6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
1890
date
Tue, 13 May 2025 01:36:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
json
hp.taboola.com/gannettdigital-telegram/trc/3/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/gannettdigital-telegram/trc/3/json?llvl=2&tim=09%3A36%3A55.808&lti=trecs&pubit=n&t=1&data=%7B%22id%22%3A%2247625%22%2C%22sd%22%3A%22v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100215_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA%22%2C%22ui%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1747100214804%2C%22cv%22%3A%2220250512-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8294%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Business%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Business%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22HP%20Opinion%20Bundle%22%2C%22orig_uip%22%3A%22HP%20Opinion%20Bundle%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Business%20Bundle%3Dorganic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%2CHP%20Opinion%20Bundle%3Dorganic-hp-swap-mode%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22usrtyp%22%3A%22guest%22%2C%22_cn%22%3A%22tions_4%22%2C%22lbt%22%3A1747094670937%2C%22uifp%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F12%2Fworcester-city-hall-closed-council-meeting%2F83588292007%2F%22%2C%22%2Fstory%2Fbusiness%2F2025%2F05%2F12%2Fbrodys-diner-shrewsbury-crash%2F83578363007%2F%22%2C%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F11%2Fprotesters-fill-common-in-reaction-to-recent-ice-raid-arrests-by-pd%2F83569696007%2F%22%2C%22%2Fstory%2Fnews%2F2025%2F05%2F10%2Fworcesters-caitlin-mccarthy-demands-apology-from-fda-on-use-of-des%2F83519776007%2F%22%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17477a37d9e537be4df6b4e7a175941005926ec99b7e63e172d0133a16547b56

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 13 May 2025 01:36:55 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-per12624-PER
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
83622
x-timer
S1747100216.834892,VS0,VE153
x-vcl-time-ms
153
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.551875
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
82711610007-spt-opening-day-2025-1.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/03/28/NTEG/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/03/28/NTEG/82711610007-spt-opening-day-2025-1.jpg?crop=1999,1125,x0,y33&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9039a865dc750de8d6f43b966bb7899d79d64d114f24b87271d21431501ad445
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"a35S268NlfHeoU5oId7fy+wH9kwfMhHv/fAHo2ONcwE"
age
494853
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
5226
83119375007-getty-images-519028725.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/04/16/NPAL/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/04/16/NPAL/83119375007-getty-images-519028725.jpg?crop=1999,1125,x0,y187&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47e9726b8798946664ba70e13fc1d61da22401b607f441415e92dd07a359719b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"zAON+h0j4sjT+4NwM0r1zyQki+qTnsIcPK9YmvO6kwU"
age
394077
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
4982
83460459007-judy-collins-shervin-lainez.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/05/NWOR/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/05/NWOR/83460459007-judy-collins-shervin-lainez.jpg?crop=1919,1079,x0,y0&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d6ff93c886418f26fc6115eed6ce3c228b731946f293d31c4f6ac4dc14181ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"PYrQRr/E2pFcQRXdW+4iVLn4ouWfb/REr93g5VqKxAg"
age
403578
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1610
83407294007-173295-3022.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/02/NSTT/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/02/NSTT/83407294007-173295-3022.jpg?crop=2999,1687,x0,y0&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e7eb635a1dbd32afd921a86adb6cad6534a9185a2800242a007068ad88b9cab5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"JQmC8cYxYgOg7xU5BTkh0jTvHHF9UEtNCnm9DSyFxgI"
age
904471
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
3994
78616228007-getty-images-1460071699.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/02/14/NPAL/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/02/14/NPAL/78616228007-getty-images-1460071699.jpg?crop=2120,1193,x0,y141&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72b2ec344c9c431be9ad0cec4550b87635447ac0765e7784b6eaff4094b1dd90
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"JI5ncbxvCJAbBtPOIQJ7mcxy+aEr/y5o0O4ENsPnNhY"
age
419631
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
4086
83417281007-tia-zakher-caveman-method.png
www.telegram.com/gcdn/authoring/authoring-images/2025/05/02/USAT/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/02/USAT/83417281007-tia-zakher-caveman-method.png?crop=1639,923,x0,y0&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a69224ca1f4efcee832d4bdc14c804c1097091e8208f1a45c10587ac9b8d52a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"sBw1ZjeF2cNFEEhJhuKQaoRl146D0iGYeFmG5K2wUKI"
age
875455
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT, MISS, MISS
date
Tue, 13 May 2025 01:36:55 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
3112
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame CB4A 		101 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
sffe /
Resource Hash
ddf2fc5945f40f5232c85438df3bffdb015cbe3a151b54311423d1ec694fc5f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29002
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 May 2025 00:51:34 GMT
expires
Tue, 13 May 2025 01:41:34 GMT
last-modified
Mon, 12 May 2025 19:41:57 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.173 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8b9649ecf99400f7fefce2ec3568d60386481da0991d4cb519b901aa4aca6c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67ece34f-a612"
cross-origin-resource-policy
cross-origin
expires
Wed, 14 May 2025 01:36:56 GMT
access-control-allow-origin
*
date
Tue, 13 May 2025 01:36:56 GMT
content-type
text/javascript
last-modified
Wed, 02 Apr 2025 07:12:15 GMT
server
nginx
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2882803057601261&correlator=3225036856007423&eid=31090591%2C31091748%2C31092364%2C95353385%2C83321072%2C31086810&output=ldjh&gdfp_req=1&vrg=202505070101&ptt=17&impl=fifs&tfcd=0&iu_parts=7103%2Cma-worcester-C6718%2Chigh_impact%2Chomepage%2Cinline_flex%2Cposter_front%2Cposter_scroll_front&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F5%2F3%2C0%2F1%2F6%2F3&prev_iu_szs=320x50%7C1000x250%7C970x250%7C970x90%7C970x66%7C728x90%7C2x4%7C1x2%7C2560x1440%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600%7C300x1050&fluid=height%2C0%2C0%2C0&ifi=1&didk=2774428102~3164123400~126160930~926604440&dids=ad-slot-7103-ma-worcester-C671~ad-slot-7103-ma-worcester-C671~ad-slot-7103-ma-worcester-C671~ad-slot-7103-ma-worcester-C671&adfs=142625109~~3105512652~&sfv=1-0-44&fsbs=1%2C1%2C1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1747100215976&lmt=1747100215&adxs=-12245933%2C-9%2C1010%2C-9&adys=-12245933%2C-9%2C745%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.telegram.com%2F&vis=1&psz=1600x268%7C0x-1%7C300x268%7C0x-1&msz=970x250%7C0x-1%7C300x250%7C0x-1&fws=4%2C2%2C516%2C2&ohw=1600%2C0%2C1600%2C0&topics=9&tps=9&htps=10&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGKDVprrsMkgAUgIIZA..&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1747100214205&idt=1360&ppid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&prev_scp=position%3Dhigh_impact%26adCount%3D1%26hb_ap_id%3D50349531%26hb_ap%3D0.01%26hb_adid%3D1040e265955e2fb48%26hb_size%3D970x250%26id%3Dc0f81c18-2f9a-11f0-8398-ae07cd09f6f2%26nsf%3Dparamount%2Cparamount-high_impact%2Cmomentum%7Cposition%3Dinline_flex%26adCount%3D1%26id%3Dc0f81c19-2f9a-11f0-8398-ae07cd09f6f2%26vw%3D40%7Cposition%3Dposter_front%26adCount%3D1%26id%3Dc0f81c1a-2f9a-11f0-8398-ae07cd09f6f2%7Cposition%3Dposter_scroll_front%26adCount%3D1%26hb_ap_id%3D3425476%26hb_ap%3D0.70%26hb_adid%3D103de1144f6d5baf8%26hb_size%3D300x600%26id%3Dc0f81c1b-2f9a-11f0-8398-ae07cd09f6f2%26vw%3D40%2C50%2C60&cust_params=aam_props%3Dtangent-desktop%257Cdesktop%257Chomefront%26build%3Dtangent-desktop%26cst_section%3Dhomepage%26features%3Dnoautoplay%252CheavyAds%26fs%3D1%26gnt_sb%3D15%26gnt_ub%3D73%26hls%3Dhttps%253A%252F%252Fwww.telegram.com%252Fgcdn%252Fgannett-web%252Fapps%252Fteal%252Fdist%252Fvendor%252Fhls%252Fhls.1.2.8.min.js%26navigationtype%3Ddirect%26pageType%3Dhome-front%26privacy%3DNA%26property%3DNTEG%26sitepage%3DNTEG%252Fhome%26ssts_section%3Dhome%26pid%3D1747100214251_965745308%26userguid%3D8f5bc953-3ba6-4184-87c5-b7e127cc4d2a%26utm_props%3D%257C%257C%26variant%3D0150_C%252Cpb-bidcache%252Cst95%26variant_e%3D01B%26entid%3D07586076759659596215%26pageId%3D1747100214251_965745308%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_3011902_PG%252CIAS_3006644_PG%252CIAS_1510285_PG%252CIAS_1512790_PG%252CIAS_3010239_PG%26ss%3Dnon%252Ca%26swgt%3Dna%26dolookalike%3DNA%26user_traits%3DAnonInfinityLow%253A15%253Aout-market%252Ccdl_none&adks=151063775%2C2964912791%2C2780480590%2C2717190659&frm=20&eoidce=1&gblpids=%2F7103%2Fma-worcester-C6718%2Fhigh_impact%2Fhomepage%2F1~%2F7103%2Fma-worcester-C6718%2Finline_flex%2Fhomepage%2F1~%2F7103%2Fma-worcester-C6718%2Fposter_front%2Fhomepage%2F1~%2F7103%2Fma-worcester-C6718%2Fposter_scroll_front%2Fhomepage%2F1&pbbce=1&td=1&egid=31378&tan=20a7a44c-197f-492c-a4de-a53b4968d436%2C20a7a44c-197f-492c-a4de-a53b4968d437%2C20a7a44c-197f-492c-a4de-a53b4968d438%2C20a7a44c-197f-492c-a4de-a53b4968d439&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
cafe /
Resource Hash
e50cc85480f3b7e01d518cd1810629ff9445390692ac4720cd7626bda9f24853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
dcb
google-lineitem-id
6972963992,-2,-2,-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 13 May 2025 01:36:56 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138516301572,-2,-2,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.telegram.com
content-length
5863
x-xss-protection
0
server
cafe
container.html
0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame 65C6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202505070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.157.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ta-in-f132.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 May 2025 01:36:56 GMT
expires
Tue, 13 May 2025 01:36:56 GMT
last-modified
Wed, 30 Apr 2025 15:53:45 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame 5F69
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&dcc=t
358 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
17f61996e11efdd2cd01274a6e75da9ff95c611d250d48c8713298498f2f4c61
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
358
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 13 May 2025 01:36:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VDA993QWWFPY9NFHD296

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 13 May 2025 01:36:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZP85RF71ZAH0M951JMV3
visible
trc.taboola.com/gannettdigital-telegram/log/3/ 		0
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/log/3/visible?route=SG%3ASG%3AV&lti=trecs&tvi48=23831&tvi50=20575&tvi62=18148&cv=20250512-4-RELEASE
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/gif
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
82149
pragma
no-cache
x-timer
S1747100216.023388,VS0,VE85
x-vcl-time-ms
85
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
json
trc.taboola.com/gannettdigital-telegram/trc/3/ 		100 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/trc/3/json?llvl=2&tim=09%3A36%3A56.070&lti=trecs&pubit=n&t=1&data=%7B%22id%22%3A%2230177%22%2C%22sd%22%3A%22v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100215_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA%22%2C%22ui%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1747100214804%2C%22cv%22%3A%2220250512-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8294%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-feed-desktop-03%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22cd%22%3A6706.25%2C%22mw%22%3A660%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign%22%2C%22orig_uip%22%3A%22Right%20Rail%20Home%20Thumbnails%20-%20Redesign%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-rr%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22cd%22%3A1703%2C%22mw%22%3A300%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Feed%20-%20Feed%20Redesign%3Dthumbnails-feed-desktop-03%3Apub%3Dgannett-network%3Aabp%3D0%2CRight%20Rail%20Home%20Thumbnails%20-%20Redesign%3Dthumbnails-rr%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22usrtyp%22%3A%22guest%22%2C%22_cn%22%3A%22tions_5%22%2C%22lbt%22%3A1747094670937%2C%22uifp%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22wc%22%3Atrue%2C%22ex%22%3A%5B%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F12%2Fworcester-city-hall-closed-council-meeting%2F83588292007%2F%22%2C%22%2Fstory%2Fbusiness%2F2025%2F05%2F12%2Fbrodys-diner-shrewsbury-crash%2F83578363007%2F%22%2C%22%2Fstory%2Fnews%2Flocal%2F2025%2F05%2F11%2Fprotesters-fill-common-in-reaction-to-recent-ice-raid-arrests-by-pd%2F83569696007%2F%22%2C%22%2Fstory%2Fnews%2F2025%2F05%2F10%2Fworcesters-caitlin-mccarthy-demands-apology-from-fda-on-use-of-des%2F83519776007%2F%22%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
567be9e9da419a0ccf0d01a6a765cc2adb883914ab0772a5b8e5aa8d70abd2c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 13 May 2025 01:36:56 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-per12624-PER
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
82782
x-timer
S1747100216.097562,VS0,VE493
x-vcl-time-ms
493
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.45145833333333335
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
83514638007-br-yr-ha-5-s.jpeg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/USAT/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/USAT/83514638007-br-yr-ha-5-s.jpeg?crop=5233,2944,x0,y784&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
341638c0577831e62eb7a325c209e1501a8afd50d61a6b4c9b4592ce7297a2fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"frY4/ZaVY/a7CreGQucbf/YeAUoYj5vwtJ0VIezJ6ZM"
age
372946
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
3864
77354401007-loc-white-cliffs-2.jpg
www.telegram.com/gcdn/authoring/authoring-images/2024/12/31/NTEG/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2024/12/31/NTEG/77354401007-loc-white-cliffs-2.jpg?crop=1999,1124,x0,y0&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e51e4960d8789417bc88159de732f67190a7eb7c6d253090b811ce9e230927c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"SH4a8vT7e4gf1uh2nH10XamnEGZo2mWMblIQWbuzPC8"
age
385152
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
5590
83515936007-loc-regal-cinema-westboro.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/NTEG/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/08/NTEG/83515936007-loc-regal-cinema-westboro.jpg?crop=1999,1125,x0,y146&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e343e65286f6c288b1a503a5c04c5261075051aae811a42b7c0d4f61f6d60316
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"AiqjJLtJq04oI1INKzEAP4etIZXnfX3foO0++uIi/X4"
age
374754
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
5366
83475123007-20250506-t-130518-z-1980896317-rc-2-pbea-0-g-9-tm-rtrmadp-3-usatrump-1.JPG
www.telegram.com/gcdn/authoring/authoring-images/2025/05/06/USAT/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/05/06/USAT/83475123007-20250506-t-130518-z-1980896317-rc-2-pbea-0-g-9-tm-rtrmadp-3-usatrump-1.JPG?crop=1023,576,x0,y153&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a40eca08a7f5291aad1104c4236ec1d6e4d72d5baf30b0bdb4cfe0e75806a96f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"WClEnSWbne1rPsnUgGfgLhU9Sv1j15Lpl5BiOZ1Y3Fo"
age
547743
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
2724
83357372007-loc-saucier-council-4.jpg
www.telegram.com/gcdn/authoring/authoring-images/2025/04/30/NTEG/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/authoring/authoring-images/2025/04/30/NTEG/83357372007-loc-saucier-council-4.jpg?crop=1999,1125,x0,y111&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1a56a196a0a9c8b26ecc4b64276b6ba4b3033aadc7b06491fe85bea62fc5d0d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"6kKuE2SkEsgMJ66FfMEpZDrcvi3AQjmwMmqfFK4ARr8"
age
1089859
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
2708
e8a7c98e-8548-43d6-9e9d-25643d5f5f8c-President-Pedraja-Portrait-cropped.jpg
www.telegram.com/gcdn/presto/2021/03/05/NTEG/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/gcdn/presto/2021/03/05/NTEG/e8a7c98e-8548-43d6-9e9d-25643d5f5f8c-President-Pedraja-Portrait-cropped.jpg?crop=2035,1145,x0,y146&width=160&height=90&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24a9245b6919c3e8abc91cfeecc8d0dc735b8df279e1d679056320c6876aebb7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"hgS3FSVNHeDDZsYebLYTEEJh4urkzdne92fKsKtuFlw"
age
745899
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, MISS, MISS, MISS
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
vary
Accept
fastly-stats
io=1
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-security-policy
upgrade-insecure-requests
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
3340
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5JJXNTWR1D&gtm=45je5591v887636012za200&_p=1747100216269&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509156~102938614~103101750~103101752~103116026~103130498~103130500~103200004~103233424~103251618~103251620~103284320~103284322~103301114~103301116&cid=1038686065.1747100214&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&dl=https%3A%2F%2Fwww.telegram.com%2F&dt=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&dp=%2F&dr=&sid=1747100216&sct=1&seg=0&tfd=2956
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to
{"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.telegram.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:153:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:56 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
549 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5JJXNTWR1D&cid=1038686065.1747100214&gtm=45je5591v887636012za200&aip=1&uid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509156~102938614~103101750~103101752~103116026~103130498~103130500~103200004~103233424~103251618~103251620~103284320~103284322~103301114~103301116
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.189.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:122:0
report-to
{"group":"ascnsrsggc:122:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:122:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.telegram.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:122:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:57 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.com.au/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5JJXNTWR1D&cid=1038686065.1747100214&gtm=45je5591v887636012za200&aip=1&uid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509156~102938614~103101750~103101752~103116026~103130498~103130500~103200004~103233424~103251618~103251620~103284320~103284322~103301114~103301116&tag_exp=101509156~102938614~103101750~103101752~103116026~103130498~103130500~103200004~103233424~103251618~103251620~103284320~103284322~103301114~103301116&z=1061632399
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.97.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 13 May 2025 01:36:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bulk
trc.taboola.com/gannettdigital-telegram/log/3/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/log/3/bulk?route=SG%3ASG%3AV&lti=trecs&tvi48=23831&tvi50=20575&tvi62=18148&cv=20250512-4-RELEASE&bulkSize=36
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/gif
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
79790
pragma
no-cache
x-timer
S1747100216.384623,VS0,VE132
x-vcl-time-ms
132
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
/
www.google.com/pagead/1p-user-list/994302621/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/994302621/?random=1747100215753&cv=9&fst=1747098000000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.telegram.com%2F&tiba=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzQlL4XvlQbLwt1S_ZqbyWw6biNhQp58qMDyZya-GRbJTjjgov&random=253096927&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 13 May 2025 01:36:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com.au/pagead/1p-user-list/994302621/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/994302621/?random=1747100215753&cv=9&fst=1747098000000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.telegram.com%2F&tiba=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzQlL4XvlQbLwt1S_ZqbyWw6biNhQp58qMDyZya-GRbJTjjgov&random=253096927&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.97.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 13 May 2025 01:36:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bulk
trc.taboola.com/gannettdigital-telegram/log/3/ 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/log/3/bulk?route=SG%3ASG%3AV&lti=trecs&tvi48=23831&tvi50=20575&tvi62=18148&cv=20250512-4-RELEASE&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/gif
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
79782
pragma
no-cache
x-timer
S1747100217.602901,VS0,VE81
x-vcl-time-ms
81
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
container.html
0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/ Frame 6C90 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/main-q1a2z37f3c0ca1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.157.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ta-in-f132.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 May 2025 01:36:56 GMT
expires
Tue, 13 May 2025 01:36:56 GMT
last-modified
Wed, 30 Apr 2025 15:53:45 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
www.telegram.com/pbd/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dtrustx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://www.telegram.com/pbd/setuid?bidder=trustx&gdpr=&gdpr_consent=&f=i&uid=e028401f-2b8a-4983-9f20-5999437e5cf4
86 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/pbd/setuid?bidder=trustx&gdpr=&gdpr_consent=&f=i&uid=e028401f-2b8a-4983-9f20-5999437e5cf4
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:36:58 GMT
content-type
image/png
vary
accept-encoding
x-served-by
cache-per12622-PER
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100218.940325,VS0,VE52
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://www.telegram.com/pbd/setuid?bidder=trustx&gdpr=&gdpr_consent=&f=i&uid=e028401f-2b8a-4983-9f20-5999437e5cf4
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:57 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-44/js/ Frame 6C90 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-44/js/ext.js
Requested by
Host: 0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
URL: https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f132.1e100.net
Software
sffe /
Resource Hash
88209e5915d9576c860ffd0d4427f4231e3712812128457065205ef71d3bf8f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:36:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:57 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Wed, 30 Apr 2025 15:53:45 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6270
x-xss-protection
0
server
sffe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6C90 		221 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
URL: https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f157.1e100.net
Software
cafe /
Resource Hash
f6bb2a1d578131df5a91a26c492be8e072c8ab92ec4db8353fce83073674d569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
15941702311762804625
age
3043
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:46:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 13 May 2025 00:46:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69514
x-xss-protection
0
server
cafe
debug
sg-trc-events.taboola.com/gannettdigital-telegram/log/2/ 		0
129 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sg-trc-events.taboola.com/gannettdigital-telegram/log/2/debug?type=warn&msg=Placements%20With%20no%20Content%3A%20Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Card%205&lt=trecs&tvi48=23831&tvi50=20575&tvi62=18148&tim=09%3A36%3A56.821&id=82421&cv=20250512-4-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

access-control-allow-origin
https://www.telegram.com
x-fastly-to-nlb-rtt
50197
date
Tue, 13 May 2025 01:36:56 GMT
server
nginx
access-control-allow-credentials
true
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/5.3.8/ 		102 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/5.3.8/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2421fd00812b6365a48405ace7f69b25717f2536aeea39258413439ed91cd9a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"53da787aa61a00566b42dd02ee0979fe"
age
493020
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
ZJuIVniTY2eIuy_1Q3XBB-IUgHAYimHtu9Dhz4H2JOJT0mh_4fC6BQ==
date
Tue, 13 May 2025 01:36:56 GMT
content-type
application/javascript
x-served-by
cache-per12624-PER
x-cache-hits
26363
last-modified
Wed, 07 May 2025 07:38:54 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100217.859593,VS0,VE0
via
1.1 4a7e3364ba9929ca17ffba06a4295ec2.cloudfront.net (CloudFront), 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27988
x-amz-cf-pop
PER50-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
d6a6661d0322446f46df902f1e8d59db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6a6661d0322446f46df902f1e8d59db.jpg
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e101b4cd20dc04dbd0399d53fb3a0f58bb59be3b7bac4107037e7e0428c18112

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6a6661d0322446f46df902f1e8d59db.jpg
etag
"2c970083444d709446118513acb956dc"
surrogate-reporting
width=360,height=180,bytes=17894,format="jpg",owidth=1200,oheight=674,obytes=208494,oformat="jpg",crt=1744948862,ocrt=1744648264,ef=(1,13,17,23,30)
cache-tag
450076210327147029864239276065919987229,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
age
1764861
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
last-modified
Fri, 18 Apr 2025 04:01:03 GMT
x-served-by
cache-iad-kcgs7200141-IAD, cache-iad-kcgs7200141-IAD, cache-bur-kbur8200102-BUR, cache-iad-kcgs7200026-IAD, cache-per12624-PER
x-cache-hits
0, 3, 0, 198, 2
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
450076210327147029864239276065919987229,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
27
x-timer
S1747100217.891203,VS0,VE0
x-orig-request-id
a31e7485b73c91901ef3ab03c4d4b0ef
x-ratelimit-reset
1
expiration
expiry-date="Mon, 19 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
x-vcl-time-ms
0
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.fox5dc.com/
content-length
8774
x-ratelimit-limit
101
server
nginx
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap%27
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.97.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tm-in-f95.1e100.net
Software
ESF /
Resource Hash
5f4edfd6c574a6498def6965e8a5fdb131eb648e809e586cda8c00bd7033b9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:36:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:57 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 13 May 2025 00:26:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
df44d26fed17b5408dd96e2e62eb223f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df44d26fed17b5408dd96e2e62eb223f.jpg
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16609d1dd6acd285515de7ff1488b5742f994744844ae1e4cc6ec650058671e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-request-id
a64324813d3814b38d7ab1cf9337d2a8
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df44d26fed17b5408dd96e2e62eb223f.jpg
etag
"c90b24b6984c8ec6c80476a1e147c43c"
surrogate-reporting
width=400,height=223,bytes=34453,format="jpg",owidth=1536,oheight=1024,obytes=182397,oformat="jpg",crt=1743224869,ocrt=1741801123,ef=(1,13,17,23,30)
cache-tag
354475356021657019979088770322353847163,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age
1776792
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
last-modified
Wed, 12 Mar 2025 17:38:45 GMT
x-served-by
cache-iad-kcgs7200037-IAD, cache-iad-kcgs7200037-IAD, cache-lga21950-LGA, cache-iad-kjyo7100079-IAD, cache-per12624-PER
x-cache-hits
0, 0, 0, 0, 323
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
354475356021657019979088770322353847163,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
960
x-timer
S1747100217.928513,VS0,VE0
x-orig-request-id
91e09269785e7833bc355bb05fd7fd6c
x-ratelimit-reset
1
x-vcl-time-ms
0
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://thewest.com.au/
content-length
19252
x-ratelimit-limit
101
server
nginx
13606af125e2dddcd991f186d803b983.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_6000%2Cx_0%2Cy_625/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_6000%2Cx_0%2Cy_625/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13606af125e2dddcd991f186d803b983.jpg
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f2523d5909beed5a0eb33558b9bc7f544371a33ef6cf70e118fd66773e7f0a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-request-id
970abc79b327d07fa9312c31c9a34177
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_6000%2Cx_0%2Cy_625/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13606af125e2dddcd991f186d803b983.jpg
etag
"2d89bda3f5f58d0ac514bf1c83592b4f"
surrogate-reporting
width=400,height=223,bytes=15185,format="jpg",owidth=6000,oheight=4000,obytes=2715360,oformat="jpg",crt=1744779344,ocrt=1743462615,ef=(1,13,17,23,30)
cache-tag
445042142988856933679247913130982094655,463043850699672485366229929068829062807,29ecf9b93bbf306179626feeda1fab70
age
1729087
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
last-modified
Tue, 01 Apr 2025 01:12:18 GMT
x-served-by
cache-iad-kjyo7100046-IAD, cache-iad-kjyo7100046-IAD, cache-chi-klot8100118-CHI, cache-iad-kcgs7200177-IAD, cache-per12624-PER
x-cache-hits
0, 1, 0, 18, 0
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
445042142988856933679247913130982094655,463043850699672485366229929068829062807,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
184
x-timer
S1747100217.943205,VS0,VE1
x-orig-request-id
7a39c50a8e13b2ca3c71c3e55515203d
x-ratelimit-reset
1
x-vcl-time-ms
1
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.ndtv.com/
content-length
10518
x-ratelimit-limit
101
server
nginx
39369c49765c1225b4f7cbacfcaa6241.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39369c49765c1225b4f7cbacfcaa6241.jpg
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ff9ffb4ea3bbb5df4f0b3c658b7d77fc0d675795757abb89eeaa635ae8d1937

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-request-id
a022d1ca802175e99a047d3a8b83fc8a
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/39369c49765c1225b4f7cbacfcaa6241.jpg
etag
"92397c9725600d14b9fd65be8776095f"
surrogate-reporting
width=400,height=223,bytes=26041,format="jpg",owidth=3464,oheight=2309,obytes=340610,oformat="jpg",crt=1746596393,ocrt=1746552984,ef=(1,13,17,23,30)
cache-tag
468007169785680249806414833426075775034,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
age
503824
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
last-modified
Tue, 06 May 2025 17:36:25 GMT
x-served-by
cache-iad-kjyo7100037-IAD, cache-iad-kjyo7100037-IAD, cache-bur-kbur8200163-BUR, cache-iad-kiad7000151-IAD, cache-per12624-PER
x-cache-hits
0, 0, 0, 2, 28
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
468007169785680249806414833426075775034,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
757
x-timer
S1747100217.951626,VS0,VE0
x-orig-request-id
85290301fc02dd84289b7cb95245c2f4
x-ratelimit-reset
1
x-vcl-time-ms
0
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.manoramaonline.com/
content-length
11446
x-ratelimit-limit
101
server
nginx
668f19ee2503fef5b395c8f6618720cb.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1468%2Cx_50%2Cy_0/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1468%2Cx_50%2Cy_0/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/668f19ee2503fef5b395c8f6618720cb.png
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17030f89cf01a32143683fedc339a9fa34b4001e956853644aca71375c299e1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1468%2Cx_50%2Cy_0/c_fill%2Cw_400%2Ch_223/http%3A//cdn.taboola.com/libtrc/static/thumbnails/668f19ee2503fef5b395c8f6618720cb.png
etag
"0463c4ecc6adf1f00efd370a0cf6e64f"
surrogate-reporting
width=400,height=223,bytes=15132,format="jpg",owidth=1518,oheight=826,obytes=1436499,oformat="png",crt=1743545047,ocrt=1741474733,ef=(1,13,17,23,30)
cache-tag
335030368196090828223026674372639809568,392297387935175044827390063723430975276,29ecf9b93bbf306179626feeda1fab70
age
1306946
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
last-modified
Tue, 01 Apr 2025 22:04:08 GMT
x-served-by
cache-iad-kiad7000173-IAD, cache-iad-kiad7000173-IAD, cache-chi-klot8100056-CHI, cache-iad-kjyo7100055-IAD, cache-per12624-PER
x-cache-hits
0, 2, 0, 80, 68
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
335030368196090828223026674372639809568,392297387935175044827390063723430975276,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
65
x-timer
S1747100217.957238,VS0,VE0
x-orig-request-id
2f23d62a6599a5d321403973dc5d69a1
x-ratelimit-reset
1
expiration
expiry-date="Fri, 02 May 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
x-vcl-time-ms
0
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.financialexpress.com/
content-length
11972
x-ratelimit-limit
101
server
nginx
banner-to-native-fallback.png
images.taboola.com/taboola/image/fetch/$pw_800%2C$ph_400/https%3A//cdn.taboola.com/banner/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/$pw_800%2C$ph_400/https%3A//cdn.taboola.com/banner/banner-to-native-fallback.png
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2de2417abee60e8565353b76826f8305eb61126944722e188c06dc584ecfeef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-debug
/taboola/image/fetch/$pw_800%2C$ph_400/https%3A//cdn.taboola.com/banner/banner-to-native-fallback.png
etag
"3204b2c914146c1b0c62936c10efd57c"
surrogate-reporting
width=1200,height=1000,bytes=343212,format="png",owidth=1200,oheight=1000,obytes=342641,oformat="png",crt=1735466552,ocrt=1734534432,ef=(1,17,22,30)
cache-tag
342460357129815946538201328252813145160,321035734435134629701704570973013957505,29ecf9b93bbf306179626feeda1fab70
age
3130955
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
date
Tue, 13 May 2025 01:36:56 GMT
content-type
image/webp
last-modified
Sun, 29 Dec 2024 10:02:33 GMT
x-served-by
cache-iad-kiad7000057-IAD, cache-iad-kiad7000057-IAD, cache-lga21984-LGA, cache-iad-kiad7000072-IAD, cache-per12624-PER
x-cache-hits
0, 0, 0, 31139, 3287
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
342460357129815946538201328252813145160,321035734435134629701704570973013957505,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
382
x-timer
S1747100217.994096,VS0,VE0
x-orig-request-id
c397812b04006999aacf09eef6d0d4c8
x-ratelimit-reset
1
expiration
expiry-date="Wed, 29 Jan 2025 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
x-vcl-time-ms
0
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://thehill.com/
content-length
21392
x-ratelimit-limit
101
server
nginx
json
trc.taboola.com/gannettdigital-telegram/trc/3/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/trc/3/json?llvl=2&tim=09%3A36%3A56.914&lti=trecs&pubit=n&t=1&data=%7B%22id%22%3A%2293458%22%2C%22sd%22%3A%22v2_854c1e4667afcb0cfcfbc6a34030612e_7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7_1747100215_1747100216_CIi3jgYQ0vxMGJTMprrsMiABKAEwEDiu_QZA9oUQSMzD1wNQ____________AVgAYABoo6CtupCs4cX6AXABgAEA%22%2C%22ui%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22vi%22%3A1747100214804%2C%22cv%22%3A%2220250512-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8896%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22uip%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Lazy%20Injected%201%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Injected%201%22%2C%22s%22%3A1%2C%22uim%22%3A%22above-the-feed-premium-card-fp-delta%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22fl%22%3A%22aCKiOAAIh5hpWIB6wZ8GaFeqQNLLiflcEz-3KQ%3D%3D%22%2C%22ori%22%3A%220e26bfeeac817cd056212c539e5b6dc6%22%2C%22cd%22%3A6709.25%2C%22mw%22%3A495%7D%5D%2C%22pev%22%3A%2213309%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Feed%20-%20Feed%20Redesign%20%7C%20Lazy%20Injected%201%3Dabove-the-feed-premium-card-fp-delta%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22usrtyp%22%3A%22guest%22%2C%22_cn%22%3A%22tions_6%22%2C%22lbt%22%3A1747094670937%2C%22uifp%22%3A%227c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7%22%2C%22wc%22%3Atrue%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8eb3a48068ca08ec3b4e5e79a3f4a4369a038ce2b021e1d9d0a993d6fa602c32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding
gzip
date
Tue, 13 May 2025 01:36:57 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-per12624-PER
x-cache-hits
0
vary
Accept-Encoding
x-fastly-to-nlb-rtt
84336
x-timer
S1747100217.941032,VS0,VE155
x-vcl-time-ms
155
access-control-allow-credentials
true
via
1.1 varnish
cpu
0.538125
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
bulk
trc.taboola.com/gannettdigital-telegram/log/3/ 		0
89 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/log/3/bulk?route=SG%3ASG%3AV&lti=trecs&tvi48=23831&tvi50=20575&tvi62=18148&cv=20250512-4-RELEASE&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:57 GMT
content-type
image/gif
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
82275
pragma
no-cache
x-timer
S1747100217.009070,VS0,VE91
x-vcl-time-ms
91
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
syncframe
gum.criteo.com/ Frame CCF3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegram.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
43fe7cc6db1c3739aeb83e2496de0dd49feaf3aeee148bbb99f2aabd682f9347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 May 2025 01:36:57 GMT
server
Kestrel
server-processing-duration-in-ticks
523492
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ads
pubads.g.doubleclick.net/gampad/ Frame 4C3B 		156 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?&ad_rule=0&cmsid=12768&description_url=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&env=vp&gdfp_req=1&hl=en&iu=%2F7103%2Fma-worcester-C6718%2Fpreroll_video%2Fsports%2Fpreps&max_ad_duration=120000&min_ad_duration=0&output=xml_vast4&plcmt=2&scp=undefined&startdelay=0&sz=920x508&unviewed_position_start=1&url=https%3A%2F%2Fwww.telegram.com%2F&vid=83516566007&vpa=auto&vpmute=1&vpos=preroll&cust_params=%26adCount%3D%26categoryvalue%3D%26contentid%3D83516566007%26credit%3DGrace%20Smith%26cst_section%3Dsports%26cst_subsection%3Dpreps%26cst_topic%3D%26mutedAutoplay%3Dtrue%26origin%3Dindianapolis%20star%26pagetype%3Dhome-front%26playersize%3D660x371%26playertype%3Dteal-sectionfrontvideoplayer-homefront%26playertype_test%3Dteal-sectionfrontvideoplayer-homefront%26recommendedvideo%3D%26series%3D%26ssts_section%3Dsports%26ssts_subsection%3Dhigh-school%26ssts_topic%3D%26ssts_subtopic%3D%26topic%3D%2Chigh-school-sports%26variant%3D0150_C%2Cpb-bidcache%2Cst95%26vfront%3Dyes%26vfrontsec%3Dhome%26videolength%3D%26videotag%3DHigh%20School%20Sports%26videostart%3Dauto-first%26aam_props%3Dtangent-desktop%7Cdesktop%7Chomefront%26adlabel%3D%26admiral-engaged%3D%26bot%3D%26build%3Dtangent-desktop%26dolookalike%3DNA%26features%3Dnoautoplay%26front%3D%26fs%3D1%26gnt_sb%3D15%26gnt_ub%3D73%26navigationType%3Ddirect%26property%3DNTEG%26pageId%3D1747100214251_965745308%26referrer%3D%26sitepage%3DNTEG%2Fhome%26ss%3Dnon%2Ca%26subsection%3D%26swgt%3Dna%26userguid%3D8f5bc953-3ba6-4184-87c5-b7e127cc4d2a%26user_traits%3DAnonInfinityLow%3A15%3Aout-market%2Ccdl_none%26utm_props%3D%7C%7C%26variant_p%3D%26variant_e%3D01B%26entid%3D07586076759659596215&ppid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&sdkv=h.3.695.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=4233251268&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.695.1&sid=409FA864-FBF5-417C-9306-FB5547C637BE&htps=10&nel=1&td=1&eid=95322027%2C95326337%2C95331589%2C95332046%2C95351091%2C95356068&top=https%3A%2F%2Fwww.telegram.com%2F&loc=https%3A%2F%2Fwww.telegram.com%2F&dt=1747100217004&cookie_enabled=1&eoidce=1&pvsid=2882803057601261&correlator=2281157817724154&scor=3351544504953244&ged=ve4_td3_tt1_pd3_la3000_er1160.290.1313.590_vi0.0.1200.1600_vp26_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.695.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.189.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tl-in-f157.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

content-encoding
br
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 13 May 2025 01:36:57 GMT
content-type
text/xml; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://imasdk.googleapis.com
content-length
113
x-xss-protection
0
server
cafe
c03564ca25d35bcd7325cbea12971a0f.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.9100%2Cw_4344%2Cx_0%2Cy_316/c_fill%2Cw_600%2Ch_316/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.9100%2Cw_4344%2Cx_0%2Cy_316/c_fill%2Cw_600%2Ch_316/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03564ca25d35bcd7325cbea12971a0f.jpg
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
658c2f940f85e1ae1ad1b4f90ebfc1730744758fc11691b63b3549749462e164

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-request-id
683fded65994da5b9191f6ea6d0462e6
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.9100%2Cw_4344%2Cx_0%2Cy_316/c_fill%2Cw_600%2Ch_316/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c03564ca25d35bcd7325cbea12971a0f.jpg
etag
"708e96432830123ac92aa5243294085b"
surrogate-reporting
width=600,height=316,bytes=35460,format="jpg",owidth=4344,oheight=2896,obytes=2833778,oformat="jpg",crt=1746875589,ocrt=1744060893,ef=(1,13,17,23,30)
cache-tag
444593805888151211345648084186745786360,514488397904267465246299059867965176526,29ecf9b93bbf306179626feeda1fab70
age
224628
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
date
Tue, 13 May 2025 01:36:57 GMT
content-type
image/webp
last-modified
Wed, 09 Apr 2025 05:11:15 GMT
x-served-by
cache-iad-kcgs7200119-IAD, cache-iad-kcgs7200119-IAD, cache-nyc-kteb1890028-NYC, cache-iad-kiad7000131-IAD, cache-per12624-PER
x-cache-hits
0, 0, 0, 0, 0
access-control-allow-headers
X-Requested-With
vary
ImageFormat
edge-cache-tag
444593805888151211345648084186745786360,514488397904267465246299059867965176526,29ecf9b93bbf306179626feeda1fab70
cache-control
public, max-age=31536000
timing-allow-origin
*
x-envoy-upstream-service-time
2077
x-timer
S1747100217.204608,VS0,VE1
x-orig-request-id
3e9ef00bc89025ba3f16a183f6ddb939
x-ratelimit-reset
1
x-vcl-time-ms
1
via
1.1 varnish, 1.1 varnish
x-ratelimit-remaining
100
accept-ranges
bytes
access-control-allow-origin
*
req-referer
https://www.manoramaonline.com/
content-length
28638
x-ratelimit-limit
101
server
nginx
bulk
trc.taboola.com/gannettdigital-telegram/log/3/ 		0
573 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gannettdigital-telegram/log/3/bulk?route=SG%3ASG%3AV&lti=trecs&tvi48=23831&tvi50=20575&tvi62=18148&cv=20250512-4-RELEASE&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:57 GMT
content-type
image/gif
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache
x-fastly-to-nlb-rtt
84313
pragma
no-cache
x-timer
S1747100217.452525,VS0,VE87
x-vcl-time-ms
87
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.telegram.com
x-service-version
v1
server
nginx
st
imprsgmp.taboola.com/ Frame E20A 		550 B
540 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.3.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed40660646c3984559ad62caaa0ad0ba3839e6592a5c589087e3bde07ef9c7eb

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 13 May 2025 01:36:57 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-per12622-PER
x-timer
S1747100218.688839,VS0,VE84
sync
sg-match.taboola.com/ Frame 46FC 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sg-match.taboola.com/sync?dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/5.3.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
0c5a991bd2d438f0c39eaa3d4d9c9ecba7e2b44123d8304df9efbcd038ba6b24

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 13 May 2025 01:36:57 GMT
machineid
430103
server
nginx
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/35_5_7/infra/ 		578 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/35_5_7/infra/cmTagFEED_MANAGER.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a553941c25c27faaddbbafb853db8ad20bc71f7c58e4f073be6b3579850a9d0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"5e8b1004cdde3d9f8cc048b86c0d0786"
age
59542
x-amz-meta-gid
0
x-amz-meta-mtime
1747040598
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Tue, 13 May 2025 01:36:57 GMT
last-modified
Mon, 12 May 2025 09:03:20 GMT
content-type
application/javascript
x-served-by
cache-per12625-PER
x-cache-hits
1343
x-amz-id-2
6YU3k3jqK3K1a484tTL/yB49vL5F+Nz31P8xQNaMdbTdX5na1X3HDNZbaHEd4eW5/P00Y6+njgM=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1747100217.290075,VS0,VE0
via
1.1 varnish
x-amz-request-id
8XK6JEZ03SJ72C95
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
115472
x-amz-meta-ctime
1747040599
server
AmazonS3-br
x-amz-server-side-encryption
AES256
st
sg-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=31589837&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&mntl=1
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

date
Tue, 13 May 2025 01:36:57 GMT
server
nginx
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6C90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssDjw17dA_gepHv6Ij8WdK2WviI6sFyr7DKGaZZ1nrJStBv8pKO5YuIkB4m3o08AD6UyMc39jG-9pborzvnRwkBUIBWaQd53buXRHeR7ZyKvcVTa5q0uGgb7Lb-lWypYMHIwdB7O356C5VAfglyCfJEMdgNGZxJAUwPtxDm7NetaKFOo7S11uQ6pc-AzkyFe-xzd9lmc2nxtNSHGZpvPhLFgl0C1K-NJYSVnToSHOPJV7IEmppbIA7AniVfPFLxpKvl5-6ylfkevyGr73i2YfFQCkspErG3tFTP4LNNRO4WlbCtYxgn2roz1mdJCSLm0QpejrtNt-5yDXNaHbj8KK4UljQdwDdZlY3dLQ4UpVbX4_DP3K8cBwl-Fm9d5-zrrc_XR_jhPPDo2ER1RG_Ix46toWZ-aQXiFvKi0XKtZD1cuWo&sai=AMfl-YS8wRlCdSdSzWGuiN2ce1dYl4SEGI0t1xMAKntDgfN33tGbCD1Rd5Mwi4YuwQSWhCkPBJZs1MPrCkeUEE9mNIBdqwth3fqwLZFqCfxL_f_SYEXIHXFFgADqO0YLqkQ42z0B53_CTanIx5_TdG8u&sig=Cg0ArKJSzPGK7iESmEbdEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
URL: https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 13 May 2025 01:36:57 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 13 May 2025 01:36:57 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 13 May 2025 01:36:57 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 13 May 2025 01:36:57 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jload
pixel.adsafeprotected.com/ Frame 46F0 		63 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=922805&campId=2560x1440&pubId=5708625285&chanId=22126653788&placementId=6972963992&pubCreative=138516301572&pubOrder=3751191092&cb=1188325430&adsafe_par&impId=c0f81c18-2f9a-11f0-8398-ae07cd09f6f2&custom2=direct&custom3=home-front&ias_adpath=.gravity-viewable
Requested by
Host: 0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
URL: https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.236.254.232 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-236-254-232.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
d8ce8cd93170f95788c327313c7adeece7f9d8435de78c61a2d0bf919d30728a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin
pixel.adsafeprotected.com
date
Tue, 13 May 2025 01:36:57 GMT
content-type
application/javascript;charset=utf-8
vary
accept-encoding
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:922805&sessionId:dcb2677a-8c00-db61-4bc7-b3ccd8faf5c1&err:responsetime%3A454%26probability%3A10
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.64.153.132 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-153-132.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 13 May 2025 01:36:57 GMT
pragma
no-cache
content-type
image/gif
truncated
/ Frame 6C90 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94fec8d53ed05a1c9175668f7be9bb7c801e7c32b8f845d403dbdb84e724febc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6C90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUTqWRAwU1bBFs7jpYP_5_FsmUaJ_4n2IW3xsEuh1L8AKt40BqqBGBetPOtrCfgvcPVEDnqhSX75fpTJ_uPMw--ZN1-XTBvYrZfBv-ulmJZAeOjVNl5XGeK66KWFufChvUneNPfg321XnlaOrh-N_VKEDYZHZoJXaAQL_iNKARD6v-K9byT9mTEngSA0tiYRYFRlEclnAPeei5pkAoK6HGVxKpbZvlFTnx4scI9ANJjY-RiS5dlrWbzJYqlZAhu6PlSEwM7Hb1c9lIjJmK9XNP50Jpjln1L-YkEI09RFUd4wnrMOh9ofa3xjb8sUYu8QUkvujzCAxkwD4OnW8TTlhomJiDWNa81w82Q2GcYPiBYqcXKMs3xPwZwAEK1eGzErRCoL1BscJDZsQzaGAcUtJ9smiF_1mKqwAD024uWazgqbLaETs&sai=AMfl-YTLvi-80QrXmX58jJLGpAQX6yOui11wABjg-s8STG3Sad_prlIxMZjH2n6jFYMkD1q3hNA9A_7LAGLQIxXqwxyZdN2vcAD2YP6QALF9LxYAJwBjKaN5OVeF1GyW5e_yc-dPsPfyU0rNUE1kL5q9&sig=Cg0ArKJSzNaP4RVxlvolEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.125.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tp-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 13 May 2025 01:36:57 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 13 May 2025 01:36:57 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/ 		454 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/OvaMediaPlayer.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
953089daf7839bedb2c61b08041e68f093dc2e48a302ae89c41d58d63ceafd55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
br
etag
"65b39656688b434e266d27aebf3aab86"
age
496478
x-amz-meta-gid
0
x-amz-meta-mtime
1746603603
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Tue, 13 May 2025 01:36:57 GMT
last-modified
Wed, 07 May 2025 07:40:30 GMT
content-type
application/javascript
x-served-by
cache-per12625-PER
x-cache-hits
6528
x-amz-id-2
crf1tIzNcvvOWEVpL8580js65++dfvCZDKQFvB7g3vgZQhW54KnrfEeK10l2iKuep0Q5XJSndsQ=
access-control-allow-headers
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
x-timer
S1747100218.591156,VS0,VE0
via
1.1 varnish
x-amz-request-id
1N8V029CTK5DRZ4V
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
84877
x-amz-meta-ctime
1746603629
server
AmazonS3-br
x-amz-server-side-encryption
AES256
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.telegram.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

etag
"b2b087fe4ae638c533731c347fcd4df8"
age
2458245
x-amz-meta-mtime
1497790207
x-amz-meta-gid
0
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
jzav1AlLIKoLST970YdWnG8zpamcOczfmp8DEvDOhTotfk5FyWExDQ==
date
Tue, 13 May 2025 01:36:57 GMT
content-type
video/mp4
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
x-served-by
cache-per12624-PER
x-cache-hits
167408
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100218.624616,VS0,VE0
Content-Range
bytes 0-90783/90784
via
1.1 222acbab2f5fec85beb4280b07b935a4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
90784
x-amz-cf-pop
PER50-C1
server
AmazonS3
41678624_ci.png
www.gannett-cdn.com/gps/applications/magic-proof/2025/04/groundworks-performance/nw-41678624-939ba71118d9/assets/ Frame 6C90 		84 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gannett-cdn.com/gps/applications/magic-proof/2025/04/groundworks-performance/nw-41678624-939ba71118d9/assets/41678624_ci.png?cb=ReHuVYGa
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a08de3509e86d72f1f371e87e78ed5bee9ba008eec7a6c72a1c82bc447076880
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

etag
"Rj/s/CJ3HlkFv5kfIT2au9WfUFDsSMrqZuSmLsomQQQ"
age
613688
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT
date
Tue, 13 May 2025 01:36:57 GMT
content-type
image/webp
vary
Accept
x-cache-hits
0, 496, 0
fastly-stats
io=1
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
document-policy
include-js-call-stacks-in-crash-reports
content-length
84
41678624_bi.jpg
www.gannett-cdn.com/gps/applications/magic-proof/2025/04/groundworks-performance/nw-41678624-939ba71118d9/assets/ Frame 6C90 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gannett-cdn.com/gps/applications/magic-proof/2025/04/groundworks-performance/nw-41678624-939ba71118d9/assets/41678624_bi.jpg?cb=OQpnraD3?width=1920&quality=40&format=pjpg&auto=webp
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c1af37c79f81da417500e2cbc579607bc127bd64a7bbfd10ea1eceaad30674f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

etag
"ZFTfxweBaI4SyeDXFOC/sG/8fGeEn6Nl9rPfXP5a2pM"
age
491369
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-cache
MISS, HIT, HIT
date
Tue, 13 May 2025 01:36:57 GMT
content-type
image/webp
vary
Accept
x-cache-hits
0, 464, 0
fastly-stats
io=1
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=2592000
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
accept-ranges
bytes
access-control-allow-origin
*
document-policy
include-js-call-stacks-in-crash-reports
content-length
53432
rtset
bh.contextweb.com/ 		49 B
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%25%25VGUID%25%25
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(12.0.17) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
private, max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-stage-0
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
server
Jetty(12.0.17)
json
gum.criteo.com/sid/ Frame CCF3 		436 B
942 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=telegram.com&sn=ChromeSyncframe&so=0&topUrl=www.telegram.com&topicsavail=1&fledgeavail=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegram.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f6143e77312141b20e8280c2b6e1c2e258a30df12652807aa87ae4d147a7ca9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.telegram.com

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
server-processing-duration-in-ticks
1134302
expires
0
date
Tue, 13 May 2025 01:36:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
TBPrebidHookHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBPrebidHookHandler.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec890851d67d305f2fcca4e7af233b7deac337d96f11bf497694abdcecc4d4ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"9d4de9ec21538421bf4a7a402c58248f"
age
491756
x-amz-meta-gid
0
x-amz-meta-mtime
1746603603
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
qOTB1Bps6U5oD2ygEbZFE6b3JS0v1zpOXuomeSo2RksRA-Z188ljgA==
date
Tue, 13 May 2025 01:36:57 GMT
content-type
application/javascript
last-modified
Wed, 07 May 2025 07:40:06 GMT
x-served-by
cache-per12625-PER
x-cache-hits
4575
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100218.781577,VS0,VE0
via
1.1 4ae3e3a5c48b45cacd83dbaeabcd3076.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
3842
x-amz-cf-pop
PER50-P1
x-amz-meta-ctime
1746603603
server
AmazonS3
x-amz-server-side-encryption
AES256
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.187.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://fonts.googleapis.com/

Response headers

age
446115
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 07 May 2026 21:41:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 07 May 2025 21:41:43 GMT
last-modified
Wed, 23 Apr 2025 16:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap%27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.187.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://fonts.googleapis.com/

Response headers

age
446115
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 07 May 2026 21:41:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 07 May 2025 21:41:43 GMT
last-modified
Wed, 23 Apr 2025 16:05:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pr
s.amazon-adsystem.com/v3/ Frame 4213 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
63e51b8f04297963039fff670bbe8698a704bf35d7e732bdd1b433c306b73370
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2879
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 13 May 2025 01:36:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
BYP7SPW7QXZAHR8AQ1N4
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame E20A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=84210e73-8e70-4ea8-aae0-ad4ef18c8cf9
0
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=84210e73-8e70-4ea8-aae0-ad4ef18c8cf9
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

x-fastly-to-nlb-rtt
83146
x-timer
S1747100218.450215,VS0,VE84
x-vcl-time-ms
84
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
0
date
Tue, 13 May 2025 01:36:58 GMT
x-service-version
v1
server
nginx
x-cache-hits
0
x-served-by
cache-per12622-PER

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=84210e73-8e70-4ea8-aae0-ad4ef18c8cf9
content-length
239
date
Tue, 13 May 2025 01:36:58 GMT
server
Kestrel
0
prebid.a-mo.net/cchain/ Frame E20A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/cchain/0?gdpr=gdpr=0&&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadaptmxrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BBUYER_ID%7D
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
ab2cc762c571aaf5bc8130cf6ee5f5d373a5ccfca2bfd0461a0f18df0019e1e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
x-envoy-upstream-service-time
3
content-length
674
date
Tue, 13 May 2025 01:36:57 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
server
envoy
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E20A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pqCC7ENE2oTlih6GInWU.lVSNa8j1.ya0voh0Q--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pqCC7ENE2oTlih6GInWU.lVSNa8j1.ya0voh0Q--~A
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

x-fastly-to-nlb-rtt
47693
date
Tue, 13 May 2025 01:36:58 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-pqCC7ENE2oTlih6GInWU.lVSNa8j1.ya0voh0Q--~A
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
0
date
Tue, 13 May 2025 01:36:58 GMT
server
ATS
x-frame-options
DENY
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

etag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age
16086
x-cache
HIT
date
Tue, 13 May 2025 01:36:57 GMT
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
x-served-by
cache-per12624-PER
x-cache-hits
1388
content-type
image/png
x-amz-id-2
J3njHZzOx/WDeMq6Teigmau/WG6IOn5crMFEdg0ZcFbuOLgIOFYOWvWGEedVnVCStQl+DoVf54U=
x-amz-replication-status
COMPLETED
cache-control
private,max-age=31536000
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1747100218.891086,VS0,VE0
via
1.1 varnish
x-amz-request-id
WKP17E3N8FADZAQ4
accept-ranges
bytes
access-control-allow-origin
*
abp
76
content-length
254
server
AmazonS3
TBPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/ 		232 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBPrebidHandler.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217d92c904d60b3f3b83fe7ca5bf9731cc186503e3a26c97bc204d84d3403ced

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"9229e7d08a1d6e777334ac2940914cbd"
age
496473
x-amz-meta-gid
0
x-amz-meta-mtime
1746603603
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
0HtDkPqakYiDKXfAEhm2oCVuZJoN1B37NBEhwW85jY5_K7jF7sSMTg==
date
Tue, 13 May 2025 01:36:57 GMT
content-type
application/javascript
last-modified
Wed, 07 May 2025 07:40:05 GMT
x-served-by
cache-per12625-PER
x-cache-hits
4770
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100218.896044,VS0,VE0
via
1.1 4ae3e3a5c48b45cacd83dbaeabcd3076.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
75031
x-amz-cf-pop
PER50-P1
x-amz-meta-ctime
1746603603
server
AmazonS3
x-amz-server-side-encryption
AES256
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 46FC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sg-match.taboola.com/

Response headers

x-fastly-to-nlb-rtt
83281
x-timer
S1747100219.558395,VS0,VE84
x-vcl-time-ms
84
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
0
date
Tue, 13 May 2025 01:36:58 GMT
x-service-version
v1
server
nginx
x-cache-hits
0
x-served-by
cache-per12622-PER

Redirect headers

location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d
content-length
239
date
Tue, 13 May 2025 01:36:58 GMT
server
Kestrel
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 46FC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-.5x.V85E2oT1RcKiMuO4xr3FEBwNAZ1mrUoSmg--~A
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-.5x.V85E2oT1RcKiMuO4xr3FEBwNAZ1mrUoSmg--~A
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sg-match.taboola.com/

Response headers

x-fastly-to-nlb-rtt
53458
date
Tue, 13 May 2025 01:36:58 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-.5x.V85E2oT1RcKiMuO4xr3FEBwNAZ1mrUoSmg--~A
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
0
date
Tue, 13 May 2025 01:36:58 GMT
server
ATS
x-frame-options
DENY
csi
csi.gstatic.com/ Frame 4C3B 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~malucyxy&c=1864189242412&slotId=932094621206&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.695.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.194.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
del12s07-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
480p_30fps,720p_30fps,1080p_30fps,master.m3u8
hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/681cee1603b5700001fb5972/ 		750 B
993 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/681cee1603b5700001fb5972/480p_30fps,720p_30fps,1080p_30fps,master.m3u8?subtitles=83516566007
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/hls/hls.1.2.8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
6236da7283fe6f920d94b3416a758586ee673d2fe79eaa4d17e33de72674fb11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

fastly-stats
otfp=1
etag
"dsQ3YDiH94rJbhmout-YJ_J9onMKSRLk_PCEuit35mfVtkS56fK_s4FwwP3SciOzFjg1pe8G11VRLV6MjsLb7tCgYB7YyprORcuzdNihNhZ9lCEh3WSwwdFsML9wUPbtuRhenJQXaeY"
age
61302
x-timer
S1747100218.919048,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
750
date
Tue, 13 May 2025 01:36:57 GMT
content-type
application/x-mpegurl
x-served-by
cache-iad-kcgs7200157-IAD, cache-per12626-PER
server
otfp
x-cache-hits
86, 0
main.19.8.587.js
static.adsafeprotected.com/ Frame 46F0 		259 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.587.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=922805&campId=2560x1440&pubId=5708625285&chanId=22126653788&placementId=6972963992&pubCreative=138516301572&pubOrder=3751191092&cb=1188325430&adsafe_par&impId=c0f81c18-2f9a-11f0-8398-ae07cd09f6f2&custom2=direct&custom3=home-front&ias_adpath=.gravity-viewable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b35b62ba58a03be7e4975a1cd1565c21ec9f99611239fd8eae1d32bd92512da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

content-encoding
gzip
x-amz-version-id
o4s3lnfjYnYML7GGuwDdTzIjz0aPlkV2
etag
W/"2ded31ff332fa6f283a2d5ccd8c9bd02"
age
292917
x-cache
Hit from cloudfront
x-amz-cf-id
rz9IHrkqCAElbb701-PVZs1yUjgr8c0bw7uS2gYN-6im7YSXFkhZlA==
date
Fri, 09 May 2025 16:15:01 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 06 May 2025 18:45:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 0e5fad4fbda422b5e31318b5a1ff65b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
TBsonobiPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/ 		140 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBsonobiPrebidHandler.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24b3024ec17169a9aa0639ccb73bdb1a0f2a9d1a15a4fff2813f2e7c0ed74461

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"1e59d768320f68b92962a54fb7c52463"
age
7393
x-amz-meta-gid
0
x-amz-meta-mtime
1746603608
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
W1oYU9IJXKHxYya3JZZPzjk2vQq0t-XYKa0fc2m7Vfb8JTSqsSoACA==
date
Tue, 13 May 2025 01:36:58 GMT
content-type
application/javascript
last-modified
Wed, 07 May 2025 07:40:09 GMT
x-served-by
cache-per12625-PER
x-cache-hits
930
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100218.032905,VS0,VE0
via
1.1 69c552a003fc45b72a75cb81a1b7f6a4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
46875
x-amz-cf-pop
PER50-P1
x-amz-meta-ctime
1746603608
server
AmazonS3
x-amz-server-side-encryption
AES256
TBfreewheelsspPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/ 		139 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBfreewheelsspPrebidHandler.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
565dbd478f56fec6d2159a22f9dfb122548ba32ecd0c63610ce467f7ca07c94e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"783c3cc661526c57db64806365139452"
age
263750
x-amz-meta-gid
0
x-amz-meta-mtime
1746603603
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
s0DyDzGzcR3-N7aju7ez4L05ldgy6ADBX45R4zeT-SHTy_qCE7_wWQ==
date
Tue, 13 May 2025 01:36:58 GMT
content-type
application/javascript
last-modified
Wed, 07 May 2025 07:40:08 GMT
x-served-by
cache-per12625-PER
x-cache-hits
1080
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100218.033991,VS0,VE0
via
1.1 cf05b482095d42dc6afa733c1fd95900.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
46988
x-amz-cf-pop
MEL52-P1
x-amz-meta-ctime
1746603603
server
AmazonS3
x-amz-server-side-encryption
AES256
TBopenxPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/ 		144 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBopenxPrebidHandler.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da53063b7df7f7f79382804041b2d45a0b1071a811ac7e92619a1fda65839522

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"186e198a9c55625568cc9337ac2b3b93"
age
71784
x-amz-meta-gid
0
x-amz-meta-mtime
1746603603
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
V7NwWTh5BT1o8_rDpY5T08-1jMWFA6D-qqNgiLwX7kbHLddPjo6Oig==
date
Tue, 13 May 2025 01:36:58 GMT
content-type
application/javascript
last-modified
Wed, 07 May 2025 07:40:07 GMT
x-served-by
cache-per12625-PER
x-cache-hits
1979
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100218.033664,VS0,VE0
via
1.1 8b93b532fb94eb73b6fcd0b378afc68a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
48240
x-amz-cf-pop
MEL52-P1
x-amz-meta-ctime
1746603603
server
AmazonS3
x-amz-server-side-encryption
AES256
TBrubiconPrebidHandler.js
vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/ 		166 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBrubiconPrebidHandler.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ed66a20857ca5f52a3ff0e25bdfa394f7a23d369532722fe8865df520eebb85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"050f54e8fa853bdd8553268c9a621099"
age
7393
x-amz-meta-gid
0
x-amz-meta-mtime
1746603603
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Miss from cloudfront, HIT
x-amz-cf-id
aWSc6diILDMwBZLtPnY4clxaUaOEA0G1aOvT9nY6uRpjXfi5XyBXGw==
date
Tue, 13 May 2025 01:36:58 GMT
content-type
application/javascript
last-modified
Wed, 07 May 2025 07:40:07 GMT
x-served-by
cache-per12625-PER
x-cache-hits
1499
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100218.033552,VS0,VE0
via
1.1 76fff3006c0df31d837974b9422ad73c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
56228
x-amz-cf-pop
PER50-P1
x-amz-meta-ctime
1746603603
server
AmazonS3
x-amz-server-side-encryption
AES256
720p_30fps.m3u8
hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/681cee1603b5700001fb5972/ 		424 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/681cee1603b5700001fb5972/720p_30fps.m3u8
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/hls/hls.1.2.8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
2eab1ee4cdc124e49ce238f6477fa7f2fdecc0b4cec7a211e5e22af78fd77751

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

fastly-stats
otfp=1
etag
"McxlgCMocoBgNAJYc3grJIwaDmXtpztGDgtd87fG3nbhOtRKsFZ5kGbPeY-7flSGtuLH2O42cyDqXRvhGm2nzZp0lg"
age
27390
x-timer
S1747100218.066363,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
424
date
Tue, 13 May 2025 01:36:58 GMT
content-type
application/x-mpegurl
x-served-by
cache-iad-kiad7000057-IAD, cache-per12626-PER
server
otfp
x-cache-hits
398, 0
83516566007-1.webvtt
hlsmedia.gannett-cdn.com/_captions/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/_captions/83516566007-1.webvtt
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/hls/hls.1.2.8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
1476c57574ddc2a14ae5ab647a5b3a7212795f8f20bd25f16f22512d959a8ab8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

fastly-stats
otfp=1
x-timer
S1747100218.086514,VS0,VE1
age
27390
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1104
date
Tue, 13 May 2025 01:36:58 GMT
content-type
text/vtt
x-served-by
cache-iad-kjyo7100085-IAD, cache-per12626-PER
server
otfp
x-cache-hits
228, 0
p
sb.scorecardresearch.com/ 		43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=3&ns_st_sp=1&ns_st_sc=1&ns_st_sq=2&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=4&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=4&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=2545&ns_st_det=2541&ns_st_upc=4&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=4&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=4&ns_st_dlpc=0&ns_st_lpa=4&ns_st_dlpa=0&ns_st_pa=4&ns_ts=1747100218058&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-122.syd3.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
vkskewN412BL0B23V1g15AA8zcn2MG4ACmkQRuKkvA7KOzHFXX6qYA==
date
Tue, 13 May 2025 01:36:58 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P1
csi
csi.gstatic.com/ Frame 4C3B 		0
534 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~maluczru&c=1864189242412&slotId=932094621206&ghmsh_eids=95322027%2C95326337%2C95331589%2C95332046%2C95351091%2C95356068
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.695.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.194.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
del12s07-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:58 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
p
sb.scorecardresearch.com/ 		43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035223&ns_type=hidden&ns_st_sv=5.1.1.160316&ns_st_smv=5.1&ns_st_it=r&ns_st_id=1747100215508&ns_st_ec=4&ns_st_sp=1&ns_st_sc=1&ns_st_sq=2&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=37&ns_st_cl=0&ns_st_mp=js_api&ns_st_mv=5.1.1.160316&ns_st_pn=1&ns_st_tp=0&ns_st_ci=83516566007&ns_st_pt=37&ns_st_dpt=33&ns_st_ipt=33&ns_st_et=2578&ns_st_det=33&ns_st_upc=37&ns_st_dupc=33&ns_st_iupc=33&ns_st_upa=37&ns_st_dupa=33&ns_st_iupa=33&ns_st_lpc=37&ns_st_dlpc=33&ns_st_lpa=37&ns_st_dlpa=33&ns_st_pa=37&ns_ts=1747100218091&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=2&ns_st_dpc=1&ns_st_pp=2&ns_st_br=0&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=sports&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=&ns_st_tdt=*null&ns_st_pu=*null&ns_st_ti=*null&c3=telegram&c4=sports&c6=*null&c7=https%3A%2F%2Fwww.indystar.com%2Fvideos%2Fsports%2Fhigh-school%2F2025%2F05%2F11%2Findystar-2025-sports-mom-of-the-year-opens-arms-to-all-lawrence-north-students-tamika-beeler%2F83516566007%2F&c8=IndyStar%202025%20Sports%20Mom%20of%20the%20Year%20opens%20arms%20to%20all%20Lawrence%20North%20students&c9=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-244-122.syd3.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
wnHy4XA9tUNIMnbzjnbBnIZdwYI8J5BTYI3XoS2-uoXYT11XSnkGTA==
date
Tue, 13 May 2025 01:36:58 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P1
trinity.json
apex.go.sonobi.com/ 		633 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2225a55aa56fb9028%22%3A%22b8c2edf451ab8122f5d1%7C660x495%7Cf%3D2%2Cgpid%3Dad_unit_vpaid-player-container%2Cc%3Dv%2Cpm%3D2%2Cp%3D3%2Cpl%3D4%2C%22%7D&ref=https%3A%2F%2Fwww.telegram.com%2F&s=bd663180-77f6-4563-a79c-860d9045ac97&pv=8d0bc504-3670-428e-8f5b-06ec038d4652&vp=desktop&lib_name=prebid&lib_v=8.52.2&us=5&iqid=null&fpd=%7B%22source%22%3A%7B%22tid%22%3A%22abf87fa3-553d-407e-abb7-a81aab738108%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22telegram.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22telegram.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.telegram.com%2F%22%2C%22content%22%3A%7B%22url%22%3A%22%252F%252Fvidstatb.taboola.com%252Fvid%252FblackScreen5.mp4%22%2C%22title%22%3A%22Blank%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F136.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%2C%22bcat%22%3A%5B%22IAB11-4%22%2C%22IAB9-7%22%2C%22IAB13-7%22%2C%22IAB26-3%22%5D%2C%22badv%22%3A%5B%22betcheslovethis.com%22%2C%22funnie.st%22%2C%22foxbet.com%22%2C%22888sport.com%22%2C%22govextra.gov.il%22%2C%22splashwines.com%22%2C%22betonline.ag%22%2C%22bovada.lv%22%2C%22draftkings.com%22%2C%22intertops.eu%22%2C%22mybookie.ag%22%2C%22thescore.bet%22%2C%22boutiquesgift.com%22%2C%22sportsbetting.ag%22%2C%22royalshell.com%22%2C%22cnn.com%22%2C%22bookmaker.eu%22%2C%22intadx.com%22%2C%22yahoo.com%22%2C%22gtbets.ag%22%2C%22wynnbet.com%22%2C%22hardrockcasino.com%22%2C%22sportsretriever.com%22%2C%22hollywoodpnrc.com%22%2C%22betamerica.com%22%2C%22sports.com%22%2C%22playsugarhouse.com%22%2C%22betus.com%22%2C%22journeyfeeds.com%22%2C%22xbet.ag%22%2C%22betrivers.com%22%2C%22caesars.com%22%2C%22twinspires.com%22%2C%22betmgm.com%22%2C%22fanduel.com%22%2C%22pointsbet.com%22%2C%22foxbusiness.com%22%2C%22williamhill.com%22%2C%224minuteabs.com%22%2C%22smartlifetrends.org%22%2C%22ballys.com%22%2C%22pngaming.com%22%2C%22betnow.eu%22%2C%22unibet.com%22%2C%22bet365.com%22%5D%7D&ius=0&hfa=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22taboola.com%22%2C%22rid%22%3A%22-1547716514%22%2C%22sid%22%3A%221261138%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D&coppa=0
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.34.249.210 Monterey Park, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
28b01971b861fcd6395d24750256dc47768a22ec94645f27384943cd3b92b174
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://www.telegram.com
content-length
349
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 13 May 2025 01:36:59 GMT
tcn
Choice
content-type
application/json
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-lax-1-5-91
x-xss-protection
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		328 B
446 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
bc9b9c0913e121fc4e770977375144e96c31703606aadf22265f0b3376c6485d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
expires
0
access-control-allow-origin
https://www.telegram.com
content-length
261
x-prebid
pbs-java/3.25.0
content-type
application/json
vary
origin
720p_30fps-1.ts
hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/681cee1603b5700001fb5972/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/681cee1603b5700001fb5972/720p_30fps-1.ts
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/hls/hls.1.2.8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
ad93d6a1cdd51bb1f867ed60892fb156eed59644bd67f2464bf6e3db7fcf1669

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

fastly-stats
otfp=1
x-fastly-otfp-info
ss=0.000 sl=5.933 vl=62.467 rs=1280x720
etag
"hSAKzZJnTMkE53-F9-g0DTmTg2TjQ0qGeto-msEpQfeWkhhGPyI8-fBPC5gUELmc6V-rSA1iHD3LfYD2Gh3S5PNw2g"
age
27390
x-timer
S1747100218.156442,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1233656
date
Tue, 13 May 2025 01:36:58 GMT
content-type
video/mp2t
x-served-by
cache-iad-kjyo7100072-IAD, cache-per12626-PER
server
otfp
x-cache-hits
392, 0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
387 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBPrebidHandler.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ab12e18e3eadd01748f5c269f81a6af604eefcac18e0d8ee59503541d18b3f23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
x-forwarded-for
103.108.231.246
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://www.telegram.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Tue, 13 May 2025 01:36:58 GMT
content-type
text/plain
vary
Origin
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=33815131&componentId=prebid&componentSubId=intext-roll&timestamp=1747100218144&_fw_bidfloor=2&_fw_bidfloorcur=USD&pbjs_version=8.52.2&pKey=1849598509&_fw_prebid_content=%7B%22url%22%3A%22%252F%252Fvidstatb.taboola.com%252Fvid%252FblackScreen5.mp4%22%2C%22title%22%3A%22Blank%22%7D&schain=%7B%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22taboola.com%22%2C%22rid%22%3A%22-1547716514%22%2C%22sid%22%3A%221261138%22%7D%5D%2C%22complete%22%3A1%2C%22ver%22%3A%221.0%22%7D&loc=https%3A%2F%2Fwww.telegram.com%2F&playerSize=660x495&video_context=outstream&video_placement=3&video_plcmt=4
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v17.6.6/TBPrebidHandler.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.52.90 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-40-52-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.telegram.com/

Response headers

Cache-Control
max-age=0, no-cache, no-store
x-sticky-vk
1747100218861070-10
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Tue, 13 May 2025 01:36:59 GMT
Access-Control-Allow-Origin
https://www.telegram.com
Content-Length
67
Date
Tue, 13 May 2025 01:36:59 GMT
Content-Type
application/xml;charset=UTF-8
Server
nginx
ecm3
s.amazon-adsystem.com/ Frame 4213
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=MALUD0BO-1M-8ZKE&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=MALUD0BO-1M-8ZKE&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
N8MVAPA4AH2E2N53MNG9
Content-Length
43
Date
Tue, 13 May 2025 01:36:59 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=MALUD0BO-1M-8ZKE&ex=d-rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
content-length
0
Content-Type
text/html
ecm3
s.amazon-adsystem.com/ Frame 4213
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3901018189051804000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3901018189051804000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
SEBTQEWKCJEMAPY0GN7Z
Content-Length
43
Date
Tue, 13 May 2025 01:36:58 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3901018189051804000V10
Pragma
no-cache
Connection
keep-alive
Expires
Tue, 13 May 2025 01:36:58 GMT
x-mnet-hl2
E
Content-Length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Date
Tue, 13 May 2025 01:36:58 GMT
Content-Type
text/html
Server
Apache
101959
jadserve.postrelease.com/suid/ Frame 4213 		43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.197.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-197-47.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 13 May 2025 01:36:59 GMT
content-type
image/gif
server
nginx
/
s.ad.smaato.net/i/ Frame 7134 		675 B
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.183.23 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
23.183.213.35.bc.googleusercontent.com
Software
/
Resource Hash
bfaf3126f255329d635a08d874fc9941a87d95dc5897bd224ad4ed63a3ca10dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
675
content-type
text/html
date
Tue, 13 May 2025 01:36:58 GMT
via
1.1 google
usermatch
ssum-sec.casalemedia.com/ Frame FC0E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae098cc46e3d9b0c0e39895fba90f600df8f7ffcd91761044432d4638c31e8e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
93ee6d8e6d268673-PER
content-encoding
br
content-type
text/html
date
Tue, 13 May 2025 01:36:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwtIuGIccDPchYH4mOMo65dZodVo%2FGnXlhaCuOb0Y1MB7xBsfAW1VXAVBSb4PfrIu1CP5%2FSdaOw%2FXybu30idiyvcn7YYa7Ld2I%2BGjWTxQi1xfk%2Bc7JDoOnfLHDOJy%2BME6O0Ii8nHkHeg9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
93ee6d8cfbe18673-PER
content-length
0
date
Tue, 13 May 2025 01:36:58 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cL2wpEceAAEb4yk%2Bzwc%2BuRC0kbPZLAz48ob%2FD%2BCnQe%2FxBzt87bWNspdE5IDTJzO2zy5dMcP8ZK6rpxIk8%2FT0xwHBYMt4%2F96HLiKRyOVGdUtlil8IRJks6SGCqOdn%2FSQdQz8ppmZ3h2J8Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 86BE 		638 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8ddcd133ca622aea18aab31e001f2789052de821b0f3a8f830bfa1382e971c97
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
638
strict-transport-security
max-age=16000000; includeSubDomains; preload;
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B782 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.132.242 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-132-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a88123f7890e58349e3a64226c716be9d346a42ba76e542a8ebdd30026a89604

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=132495
content-encoding
gzip
content-length
6694
content-type
text/html
date
Tue, 13 May 2025 01:36:58 GMT
expires
Wed, 14 May 2025 14:25:13 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 2242
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mcGhKR2JsRTJ1S09fS1oxSy5Mb25sZGpGYlNqT0VQcH5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mcGhKR2JsRTJ1S09fS1oxSy5Mb25sZGpGYlNqT0VQcH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 May 2025 01:36:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
H4J4XQPDYNJQK6ZQCYDE

Redirect headers

age
1
content-length
0
content-type
text/html
date
Tue, 13 May 2025 01:36:59 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1mcGhKR2JsRTJ1S09fS1oxSy5Mb25sZGpGYlNqT0VQcH5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
referrer-policy
no-referrer-when-downgrade
server
ATS
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame A346
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
714 B
939 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
71fc53aaed8d369e447b23add6a83316ddd0f40f230299bd593363b6d549585c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
714
content-type
text/html
date
Tue, 13 May 2025 01:36:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
103.108.231.246

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 13 May 2025 01:36:58 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
103.108.231.246
ecm3
s.amazon-adsystem.com/ Frame FD1E
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6016056465705123898&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6016056465705123898&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 May 2025 01:37:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RDSQ2MZB20A5BFG8T8F2

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Tue, 13 May 2025 01:36:59 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=6016056465705123898&gdpr=0&gdpr_consent=
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
syncframe
gum.criteo.com/ Frame 6DC3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.telegram.com&gpp=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
43fe7cc6db1c3739aeb83e2496de0dd49feaf3aeee148bbb99f2aabd682f9347
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 May 2025 01:36:57 GMT
server
Kestrel
server-processing-duration-in-ticks
776304
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
cm
trc.taboola.com/sg/prebidJS/1/ 		43 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/prebidJS/1/cm
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date
Tue, 13 May 2025 01:36:58 GMT
x-served-by
cache-per12624-PER
x-cache-hits
0
cache-control
no-cache, no-store
x-fastly-to-nlb-rtt
83537
pragma
no-cache
x-timer
S1747100218.337777,VS0,VE85
x-vcl-time-ms
85
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-service-version
v1
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 2ACF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=4945208088227563320&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=4945208088227563320&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 May 2025 01:36:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
54Y5FZZHFVSP6DG5R856

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
38659e34-bfff-4aba-946f-66bdcd789b64
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 13 May 2025 01:36:59 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=4945208088227563320&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
103.108.231.246; 103.108.231.246; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 7D9A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3524119969491686977311
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3524119969491686977311
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-index_n-sharethrough_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_smrt_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 May 2025 01:36:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QMSS27Y7VP65E3N38T9A

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 13 May 2025 01:36:59 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3524119969491686977311
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cframe.js
a.amxrtb.com/js/ Frame E20A 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.amxrtb.com/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?gdpr=gdpr=0&&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadaptmxrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BBUYER_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.250 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3e322592390f688687ac427f9d65b104e9bbbbfb5760d438a725bfa5861dd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"5464747087d99dbb5bf6eb058ec52a84"
age
1111
expires
Tue, 13 May 2025 05:36:58 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
WwwSXHIX7mzC44sENt5FZHduUd1APV1hWBS82a7NA8LDDGz8k6B4-w==
date
Tue, 13 May 2025 01:36:58 GMT
content-type
text/javascript
last-modified
Wed, 07 May 2025 17:04:27 GMT
vary
Accept-Encoding
cache-control
public, max-age=14400
via
1.1 8b93b532fb94eb73b6fcd0b378afc68a.cloudfront.net (CloudFront)
cf-ray
93ee6d8d8f14cffa-PER
x-amz-cf-pop
MEL52-P1
server
cloudflare
x-amz-server-side-encryption
AES256
1d14c48f-fc47-4076-adc0-2387ac2e17e7
https://www.telegram.com/ 		0
0
/
sync.taboola.com/sg/adaptmxrtb-network/1/rtb-h/ Frame E20A 		0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adaptmxrtb-network/1/rtb-h/?taboola_hm=5a737115-36cb-4ede-8910-c8d66ada0f7a
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

x-fastly-to-nlb-rtt
52606
date
Tue, 13 May 2025 01:36:58 GMT
server
nginx
access-control-allow-credentials
true
720p_30fps-2.ts
hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/681cee1603b5700001fb5972/ 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hlsmedia.gannett-cdn.com/authoring/videos/zype/renditions/681cee1603b5700001fb5972/720p_30fps-2.ts
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/gcdn/gannett-web/apps/teal/dist/vendor/hls/hls.1.2.8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
05c0e096809c6b6969883c9b818578ad67caf00d9e07d78428e0554f0a05c27a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

fastly-stats
otfp=1
x-fastly-otfp-info
ss=5.933 sl=6.000 vl=62.467 rs=1280x720
etag
"taIC13aBse1B94tR2FmMnL2ZUXiILdbW6KJQ10vJg8s1H3fYXEFVmeKl8M3PVC2cFiozOOgRVFEdmKeB_sMpechG6Q"
age
27390
x-timer
S1747100219.640221,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
2009720
date
Tue, 13 May 2025 01:36:58 GMT
content-type
video/mp2t
x-served-by
cache-iad-kcgs7200113-IAD, cache-per12626-PER
server
otfp
x-cache-hits
263, 0
json
gum.criteo.com/sid/ Frame 6DC3 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=www.telegram.com&sn=ChromeSyncframe&so=0&topUrl=www.telegram.com&topicsavail=1&fledgeavail=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.telegram.com&gpp=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
76ee27a7838a0e5cb088b87306a36afd7aa307a605501a2c9451e40e81ca4b8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=www.telegram.com&gpp=

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
server-processing-duration-in-ticks
999303
expires
0
date
Tue, 13 May 2025 01:36:58 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel
client-logs
reporting-api.gannettinnovation.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://reporting-api.gannettinnovation.com/client-logs
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/main-q1a2z37f3c0ca1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.telegram.com/

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C90 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdz7DDrWhvG6Tnl3rL_Kk0Ci0UgkAqf_EnGivyONKTDOBzR2N0HKtMmkLg0B5HFtNa5YjaMW1Wsjrzf17GlBvLaWVL8AxrczJPMbdycyMpvD3e4JleLzImq5_GrOSbywVdlm2aa3-4FWce8hmjQE4yenhpn_vbmN4Qdc-YR5qiFW9ocgI&sig=Cg0ArKJSzHSFafU4nt_hEAE&id=lidar2&mcvt=1007&p=-471,315,429,1915&tm=1241&tu=187.69999980926514&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,46&v=20250512&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=151063775&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=4303301700&rst=1747100216617&rpt=839&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.174.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 13 May 2025 01:36:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
setuid
www.telegram.com/pbd/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3DappnexusAst%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://www.telegram.com/pbd/setuid?bidder=appnexusAst&gdpr=&gdpr_consent=&f=i&uid=4945208088227563320
86 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/pbd/setuid?bidder=appnexusAst&gdpr=&gdpr_consent=&f=i&uid=4945208088227563320
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:36:59 GMT
content-type
image/png
vary
accept-encoding
x-served-by
cache-per12622-PER
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100219.016821,VS0,VE51
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block

Redirect headers

cache-control
no-store, no-cache, private
location
https://www.telegram.com/pbd/setuid?bidder=appnexusAst&gdpr=&gdpr_consent=&f=i&uid=4945208088227563320
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.246; 103.108.231.246; 1045.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
c322561e-5c05-4423-8378-24bf23fd704f
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 13 May 2025 01:36:58 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
PugMaster
image6.pubmatic.com/AdServer/ Frame B782 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91729019&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
55ab2aa0e596fe78e5712a2925a26622e1b5ef03358a2083c8bfe71609fddd5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
1688
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:36:59 GMT
content-type
text/html; charset=UTF-8
sharethrough
sync.a-mo.net/setuid/ Frame E20A
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=a6a34444&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dsharethrough...
  • https://sync.a-mo.net/setuid/sharethrough?uid=ae08b51a-8d4a-4366-8bc7-0a58e8754d90&gdpr=0
0
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid/sharethrough?uid=ae08b51a-8d4a-4366-8bc7-0a58e8754d90&gdpr=0
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 13 May 2025 01:37:00 GMT
x-envoy-upstream-service-time
2
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
location
https://sync.a-mo.net/setuid/sharethrough?uid=ae08b51a-8d4a-4366-8bc7-0a58e8754d90&gdpr=0
content-length
0
magnite
prebid.a-mo.net/setuid/ Frame E20A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=MALUD0GT-1P-E43L&gdpr=0&us_privacy=1---
0
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=MALUD0GT-1P-E43L&gdpr=0&us_privacy=1---
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 13 May 2025 01:36:58 GMT
x-envoy-upstream-service-time
7
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://prebid.a-mo.net/setuid/magnite?uid=MALUD0GT-1P-E43L&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
content-length
0
Content-Type
text/html
setuid
sea1-sync.a-mo.net/ Frame E20A
Redirect Chain
  • https://id.a-mx.com/u?gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Damx_com%26uid%3D&A=5a737115-36cb-4ede-8910-c8d66ada0f...
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=amx_com&uid=5a737115-36cb-4ede-8910-c8d66ada0f7a
0
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=amx_com&uid=5a737115-36cb-4ede-8910-c8d66ada0f7a
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 13 May 2025 01:36:59 GMT
x-envoy-upstream-service-time
5
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

date
Tue, 13 May 2025 01:36:58 GMT
location
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=amx_com&uid=5a737115-36cb-4ede-8910-c8d66ada0f7a
content-length
0
setuid
sea1-sync.a-mo.net/ Frame E20A
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&r=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=1---&ox_sc=1
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=openx&uid=b45141da-aad9-470d-a63f-b498fd3c2c48
0
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=openx&uid=b45141da-aad9-470d-a63f-b498fd3c2c48
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 13 May 2025 01:37:00 GMT
x-envoy-upstream-service-time
4
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

cache-control
private, max-age=0, no-cache, must-revalidate
location
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=openx&uid=b45141da-aad9-470d-a63f-b498fd3c2c48
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:36:59 GMT
vary
Origin
cookie
cm.adform.net/ Frame E20A 		35 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

access-control-max-age
86400
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
Pug
image2.pubmatic.com/AdServer/ Frame E20A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dpubmatic%26uid%3D%23P...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dpubmatic%26uid%3D%23P...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
1 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

cache-control
no-store, no-cache, private
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
text/html; charset=utf-8
server
nginx

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length
0
Date
Tue, 13 May 2025 01:37:01 GMT
Pragma
no-cache
Connection
keep-alive
setuid
sea1-sync.a-mo.net/ Frame E20A
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=sovrn&uid=KptAALZHeceMtXCFTrGEFLT-
0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=sovrn&uid=KptAALZHeceMtXCFTrGEFLT-
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 13 May 2025 01:36:59 GMT
x-envoy-upstream-service-time
3
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

location
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=sovrn&uid=KptAALZHeceMtXCFTrGEFLT-
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Tue, 13 May 2025 01:36:59 GMT
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
setuid
sea1-sync.a-mo.net/ Frame E20A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsea1-sync.a-mo.net%2Fsetuid%3FA%3D5a737115-36cb-4ede-8910-c8d66ada0f7a%26bidder%3Dappnexus%26uid%3D%24UID
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=appnexus&uid=4945208088227563320
0
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=appnexus&uid=4945208088227563320
Requested by
Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&cmcv=&pix=undefined&cb=1747100217250&uv=3557&tms=1747100217250&abt=adxsub-out_vA!adxsub-out_vB!dfrc_vA!strpl2-in_vA!strpl2_vA!strpl2_vB!strpl2_vC!t45!ufm_vE!ul3557_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=61db6fb8-ea15-4ca6-abd8-6ec5eaf95c0b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 13 May 2025 01:37:00 GMT
x-envoy-upstream-service-time
5
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

cache-control
no-store, no-cache, private
location
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=appnexus&uid=4945208088227563320
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.246; 103.108.231.246; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
e42b615c-2683-420c-ab11-dcac32fc4083
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 13 May 2025 01:36:59 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
rum
dsum-sec.casalemedia.com/ Frame FC0E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&expiration=1749692218&gdpr=0&gdpr_consent=
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&expiration=1749692218&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5lZbZnWxN36H%2Fwb1NhkQm0XlwHBkTOsF%2Bpj2IT2GwPnQ5luiByFqTHCvsUA3RgI%2Bw69t7zbhaFngyId0Yxr2fXbMqAqsTP0%2BG%2Fhn4PpmXmefnxaOldvGXFL56kABC%2B0Mx%2B6wK1MuU6xxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
93ee6d904e798673-PER
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:36:58 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&expiration=1749692218&gdpr=0&gdpr_consent=
content-length
323
date
Tue, 13 May 2025 01:36:58 GMT
server
Kestrel
usermatchredir
ssum-sec.casalemedia.com/ Frame FC0E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aCKiOosFVsAAMsGdAHV18gAAEnIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDvzQ21ajfP-Mzu41WbGE44&google_cver=1
43 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDvzQ21ajfP-Mzu41WbGE44&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXdpXmRRBPRFk5GJ05vxfSnQhSUURfz0jzt8veAdMh0byiFcEO7igoXoQmuBp%2F8hnPZHsV1r8eN202HyaqPL9FECpaQhP044jYa03t%2B0c4BnEZWBd9sKoHWOup5uT3533K%2BsyJAo%2BYGFbA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:36:59 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6d942ec0cf9d-PER
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDvzQ21ajfP-Mzu41WbGE44&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
364
date
Tue, 13 May 2025 01:36:59 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
crum
dsum-sec.casalemedia.com/ Frame FC0E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aCKiOosFVsAAMsGdAHV18gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECj2KJfJol07eKqn22dSy60&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECj2KJfJol07eKqn22dSy60&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8GBMbOIHyxz4qSwgErz43fS8%2B6n9dVPbuIqV74su4wV%2FSVzLeyktmoq3xZcH%2BOLDwXysX%2FEw9LZP9W9krnfwXDoHiFTLhCG6K1sH3MiCLzc%2FA0Wkv47u5lxWrGChYT%2BBUnCyHTMwKZ11Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:36:59 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6d943edecf9d-PER
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECj2KJfJol07eKqn22dSy60&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
314
date
Tue, 13 May 2025 01:36:59 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
dcm
s.amazon-adsystem.com/ Frame FC0E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=aCKiOosFVsAAMsGdAHV18gAAEnIAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
BAZBPZAAE5DC348XM0VB
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Tue, 13 May 2025 01:37:00 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
crum
dsum-sec.casalemedia.com/ Frame FC0E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662137394473015
43 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662137394473015
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uEPMiXuNGphNdj4eOfvBgkSDgVFMiQlaYdqLfg5YOHuTY96vL9LJL3IUVl%2FS5PPiQzuN0gtktNlIuDKZMGxmEkbiTTMtexagfN%2FGjowYnfkPHgzND27lSEtUqPGc8aLkHRwxSHz%2F4tiqTg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6d998e96cf9d-PER
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, private
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662137394473015
cf-cache-status
DYNAMIC
pragma
no-cache
x-function
209
cf-ray
93ee6d97ea4e8655-PER
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-reuse-index
1235
p3p
CP="NOI DEVo TAIa OUR BUS"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
text/html
server
cloudflare
crum
dsum-sec.casalemedia.com/ Frame FC0E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4945208088227563320
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4945208088227563320
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeLkL5e0Kh8w686xc5UQDwd1Qr6MIXEEyjt5lfsDff1SIH%2BnpeQjn%2BQwmbkfuyEPrCaMKm1X3fjCmgYRiZPi4%2BB1tdUPtaixeFb%2BaYDasAivYWv2mbfsxZ%2BaYuPqlmDqQG6%2FjIyjmstjMw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6d9b38f1cf9d-PER
content-length
43
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, private
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4945208088227563320
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.246; 103.108.231.246; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
71c89b72-b221-4fcc-87c4-674b29ee3487
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 13 May 2025 01:37:00 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
crum
dsum-sec.casalemedia.com/ Frame FC0E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=123&external_user_id=0LdLNqmUWyRyUf4jdQPf-mds5_Y
43 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=123&external_user_id=0LdLNqmUWyRyUf4jdQPf-mds5_Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxQDkpPFxikl5wUGtgoOV2dOysB2LQoZTiSXSYwszRPbiiWyAmNUEXXeXVMIO5QUb9nW2%2Ba0RrwjQgBi5gaci1Jcx0jckLzsxgu4i3fODJ3fofOzJawx%2FKSrKYjCBliOVRegqYrCNt%2BAjg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6d9c1a2bcf9d-PER
content-length
43
server
cloudflare

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=123&external_user_id=0LdLNqmUWyRyUf4jdQPf-mds5_Y
Content-Length
123
Date
Tue, 13 May 2025 01:37:00 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
/
csync.loopme.me/ Frame FC0E 		0
0
ecm3
s.amazon-adsystem.com/ Frame FC0E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=aCKiOosFVsAAMsGdAHV18gAAEnIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
AVSB29KPZPJ9RQ39D6F4
Content-Length
43
Date
Tue, 13 May 2025 01:37:00 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=7_7X_F80b3VDdVBkVTZEbUVKOXVYOSUyRk1FVlVzWU4lMkZTb1BubEFuTExkOVJFS3YyTSUzRA&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-syBnxJrdHb...
  • https://ssp-sync.criteo.com/user-sync/match?p=7_7X_F80b3VDdVBkVTZEbUVKOXVYOSUyRk1FVlVzWU4lMkZTb1BubEFuTExkOVJFS3YyTSUzRA&u=e028401f-2b8a-4983-9f20-5999437e5cf4
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=7_7X_F80b3VDdVBkVTZEbUVKOXVYOSUyRk1FVlVzWU4lMkZTb1BubEFuTExkOVJFS3YyTSUzRA&u=e028401f-2b8a-4983-9f20-5999437e5cf4
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
182.161.73.164 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
date
Tue, 13 May 2025 01:37:00 GMT
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//ssp-sync.criteo.com/user-sync/match?p=7_7X_F80b3VDdVBkVTZEbUVKOXVYOSUyRk1FVlVzWU4lMkZTb1BubEFuTExkOVJFS3YyTSUzRA&u=e028401f-2b8a-4983-9f20-5999437e5cf4
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:36:58 GMT
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d228YZl9EbnRFanVudXlqUTNIYWF2dUZqNDhVenlmRFNrWndRdjZjSmJaYTJRQWk0JTNE%26u%3d%24UID&gdpr=0&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=228YZl9EbnRFanVudXlqUTNIYWF2dUZqNDhVenlmRFNrWndRdjZjSmJaYTJRQWk0JTNE&u=4945208088227563320&gdpr=0&gdpr_consent=
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=228YZl9EbnRFanVudXlqUTNIYWF2dUZqNDhVenlmRFNrWndRdjZjSmJaYTJRQWk0JTNE&u=4945208088227563320&gdpr=0&gdpr_consent=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
182.161.73.164 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
date
Tue, 13 May 2025 01:36:59 GMT
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://ssp-sync.criteo.com/user-sync/match?p=228YZl9EbnRFanVudXlqUTNIYWF2dUZqNDhVenlmRFNrWndRdjZjSmJaYTJRQWk0JTNE&u=4945208088227563320&gdpr=0&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.246; 103.108.231.246; 1045.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
5c98defc-851a-40e2-b4c5-0960819be98a
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 13 May 2025 01:36:59 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-syBnxJrdHbvWI6tzd28xCGXrqTuGsV0DdqjRSA&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3...
  • https://ssp-sync.criteo.com/user-sync/match?p=Shd-wV9RUHlXYXA5VmZKMDRUaEslMkJrQUhQVndPMFlObFRnJTJGY3lEeDFBd3B6OFFUbyUzRA&u=CAESEB1wEPYNQ_rxXjNLYfhspE8&gdpr=0&gdpr_consent=&google_cver=1
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=Shd-wV9RUHlXYXA5VmZKMDRUaEslMkJrQUhQVndPMFlObFRnJTJGY3lEeDFBd3B6OFFUbyUzRA&u=CAESEB1wEPYNQ_rxXjNLYfhspE8&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
182.161.73.164 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
date
Tue, 13 May 2025 01:36:59 GMT
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ssp-sync.criteo.com/user-sync/match?p=Shd-wV9RUHlXYXA5VmZKMDRUaEslMkJrQUhQVndPMFlObFRnJTJGY3lEeDFBd3B6OFFUbyUzRA&u=CAESEB1wEPYNQ_rxXjNLYfhspE8&gdpr=0&gdpr_consent=&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
398
date
Tue, 13 May 2025 01:36:59 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
bidder-initiated
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2961834579920080504
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2961834579920080504
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
182.161.73.164 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
content-length
0
date
Tue, 13 May 2025 01:36:59 GMT
server
Kestrel
cross-origin-resource-policy
cross-origin

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2961834579920080504
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length
0
Date
Tue, 13 May 2025 01:36:59 GMT
Pragma
no-cache
Connection
keep-alive
bidder-initiated
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://ds.uncn.jp/mg/0/sync_push
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?dsp=479&buyer_id=v_282e580a-816f-413f-8ea7-e36f54d69c8e
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/bidder-initiated?dsp=479&buyer_id=v_282e580a-816f-413f-8ea7-e36f54d69c8e
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
182.161.73.164 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-store,max-age=0
content-length
0
date
Tue, 13 May 2025 01:36:59 GMT
server
Kestrel
cross-origin-resource-policy
cross-origin

Redirect headers

Location
https://ssp-sync.criteo.com/user-sync/bidder-initiated?dsp=479&buyer_id=v_282e580a-816f-413f-8ea7-e36f54d69c8e
Content-Length
137
Date
Tue, 13 May 2025 01:36:59 GMT
Content-Type
text/html; charset=utf-8
Server
Apache
Connection
keep-alive
notify-hpp-impression
nr-events.taboola.com/newsroom/1.0/gannettdigital-telegram/ Frame 21CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/gannettdigital-telegram/notify-hpp-impression?page.url=https%3A%2F%2Fwww.telegram.com%2F&view.id=161310544407137171&page.dashboard=home&sourceItemType=home&platform=DESK&variant=null&ui=7c1c986a-bef9-4c43-91dc-8fa9d1e876fc-tuctf1c27b7
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.telegram.com
Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET,POST,PUT
access-control-allow-origin
*
date
Tue, 13 May 2025 01:36:59 GMT
server
nginx
tbl-x-upstream
10.35.41.143:80
vary
Origin
via
1.1 varnish
x-application-context
hpp-event-server:production
x-cache
MISS
x-cache-hits
0
x-envoy-upstream-service-time
13
x-served-by
cache-per12622-PER
x-timer
S1747100219.910056,VS0,VE110
ecm3
s.amazon-adsystem.com/ Frame 7134 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=2defe1ac4f
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://s.ad.smaato.net/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
YVP31ZS8NM66EW23Z0S0
Content-Length
43
Date
Tue, 13 May 2025 01:36:59 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
smaato
cs.admanmedia.com/sync/ Frame 7134 		0
0
/
sync.taboola.com/sg/smaatortb-network/1/rtb-h/ Frame 7134
Redirect Chain
  • https://um.simpli.fi/smaato_p
  • https://s.ad.smaato.net/c/?dspId=1001136&dspCookie=41F5D12F86AE4CB083AB2D14A27CCAD6
  • https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=2defe1ac4f&gdpr=0&gdpr_consent=
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=2defe1ac4f&gdpr=0&gdpr_consent=
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://s.ad.smaato.net/

Response headers

x-fastly-to-nlb-rtt
51860
date
Tue, 13 May 2025 01:37:00 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

via
1.1 google
cache-control
no-cache, must-revalidate
location
https://sync.taboola.com/sg/smaatortb-network/1/rtb-h/?taboola_hm=2defe1ac4f&gdpr=0&gdpr_consent=
content-length
5
date
Tue, 13 May 2025 01:37:00 GMT
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame 7134
Redirect Chain
  • https://sync.1rx.io/usersync2/smaato?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/smaato?zcc=1&cb=1747100220580
  • https://ad.turn.com/r/cs?pid=45&id=RX-e8da6c9a-39cf-4d4b-bc1c-fd1bc9b78e44-004&rndcb=1628408852
  • https://sync.1rx.io/usersync/turn/2961834579920080504?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-e8da6c9a-39cf-4d4b-bc1c-fd1bc9b78e44-004?redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspInit%3D1001678%26dspCookie%3DRX-e8da6c9a-39cf-4d4b-bc1c-fd1b...
  • https://s.ad.smaato.net/c/?dspInit=1001678&dspCookie=RX-e8da6c9a-39cf-4d4b-bc1c-fd1bc9b78e44-004
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=2defe1ac4f&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://us.ck-ie.com/smto1.gif?gpp=$GPP_STRING&gpp_sid=$GPP_SID&gdpr=0&gdpr_consent=&us_privacy=$USPrivacy&coppa=$COPPA
  • https://s.ad.smaato.net/c/?dspId=1001914&dspCookie=bfef1ffb556f2ae5797668137b41f955735112b57cc29bdeada46f0f7187c23f
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=2defe1ac4f&gdpr=0&gdpr_consent=
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D2defe1ac4f%26gdpr%3D0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=2defe1ac4f&gdpr=0&gdpr_consent=
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=2defe1ac4f&gdpr=0&gdpr_consent=
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Protocol
H2
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://s.ad.smaato.net/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Tue, 13 May 2025 01:37:05 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

via
1.1 google
cache-control
no-cache, must-revalidate
location
https://rtb-csync.smartadserver.com/redir/?partnerid=133&partneruserid=2defe1ac4f&gdpr=0&gdpr_consent=
content-length
5
date
Tue, 13 May 2025 01:37:05 GMT
content-type
text/plain; charset=utf-8
sync-iframe
cs-server-s2s.yellowblue.io/ Frame FD15 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-199-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
12a9ea6e83f7f11a2696fcee5cf5615151d09179740d2f957ccca9028cfd2f6f

Request headers

Referer
https://s.ad.smaato.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://s.ad.smaato.net/
access-control-expose-headers
X-Reason
content-length
1671
content-type
text/html
date
Tue, 13 May 2025 01:37:00 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
ecm3
s.amazon-adsystem.com/ Frame A346 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=15a93a35-3eae-ceea-15e9-edd5c62fd873
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
086B744Y0C34QMV9SRRV
Content-Length
43
Date
Tue, 13 May 2025 01:37:00 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
sd
us-u.openx.net/w/1.0/ Frame A346
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGu5hunwItZJkPjMf8vMfDc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGu5hunwItZJkPjMf8vMfDc&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:36:59 GMT
content-type
image/gif
vary
Accept

Redirect headers

cache-control
no-cache, must-revalidate
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGu5hunwItZJkPjMf8vMfDc&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
295
date
Tue, 13 May 2025 01:36:59 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/ Frame A346 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjExMDk1ODItZWI3My0yYmI0LWMwMDctMzVmYjY0ZmVkZGYz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 13 May 2025 01:36:59 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
sd
jp-u.openx.net/w/1.0/ Frame A346
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVwvS4MfgEfqks8AKGiYH-EdXM8AAAGWx0m8VQ
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVwvS4MfgEfqks8AKGiYH-EdXM8AAAGWx0m8VQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/gif
vary
Accept

Redirect headers

cache-control
no-cache
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVwvS4MfgEfqks8AKGiYH-EdXM8AAAGWx0m8VQ
pragma
no-cache
via
1.1 34472d6f20d066888df6f09fc51137ba.cloudfront.net (CloudFront)
expires
-1
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
JBdmaME9sel7KRM4mdpbhh_84gEGmSvi24ljfyvRaH2e1ar1f8JCVw==
date
Tue, 13 May 2025 01:37:00 GMT
x-amz-cf-pop
SYD3-P2
sd
jp-u.openx.net/w/1.0/ Frame A346
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aCKiPMCo8YQAAB.E47EAAAAA
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aCKiPMCo8YQAAB.E47EAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/gif
vary
Accept

Redirect headers

Cache-Control
private
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=aCKiPMCo8YQAAB.E47EAAAAA
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.108.231.246","key":"aCKiPMCo8YQAAB.E47EAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40081"}
X-SO-Cluster-ID
0
X-SO-Upstream-ID
a-ad40081
X-SO-HostName
a-ad40081.dc2p.scaleout.jp
Connection
keep-alive
X-SO-IP
103.108.231.246
X-SO-Key
aCKiPMCo8YQAAB.E47EAAAAA
Content-Length
0
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Tue, 13 May 2025 01:37:00 GMT
X-SO-Ads-Time
3
Server
nginx
sd
us-u.openx.net/w/1.0/ Frame A346
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4d7f4648-2204-7510-d5e7-6f42ae1c1393&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttd_puid=4d7f4648-2204-7510-d5e7-6f42ae1c1393&gdpr=0&gdpr_consent=
43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttd_puid=4d7f4648-2204-7510-d5e7-6f42ae1c1393&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:36:58 GMT
content-type
image/gif
vary
Accept

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttd_puid=4d7f4648-2204-7510-d5e7-6f42ae1c1393&gdpr=0&gdpr_consent=
content-length
335
date
Tue, 13 May 2025 01:36:59 GMT
server
Kestrel
setuid
www.telegram.com/pbd/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%...
  • https://www.telegram.com/pbd/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=3901018189051804000V10
86 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/pbd/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=3901018189051804000V10
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/png
vary
accept-encoding
x-served-by
cache-per12622-PER
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100221.516896,VS0,VE53
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block

Redirect headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
cache-control
max-age=0, no-cache, no-store
location
https://www.telegram.com/pbd/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=3901018189051804000V10
timing-allow-origin
*
pragma
no-cache
expires
Tue, 13 May 2025 01:37:00 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
content-length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
text/html
server
Apache
match
c1.adform.net/serving/cookie/ Frame 3FB5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 13 May 2025 01:37:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 13 May 2025 01:37:00 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
setuid
sea1-sync.a-mo.net/ Frame A8F3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:52f96822-a23c-4700-a816-a286d2e84807&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 13 May 2025 01:37:00 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
2

Redirect headers

content-length
160
content-type
text/html; charset=utf-8
date
Tue, 13 May 2025 01:37:00 GMT
location
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ecm3
s.amazon-adsystem.com/ Frame C274 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 May 2025 01:36:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RT1NVG0SWDYTA0AXZ2AH
sync
pippio.com/api/ Frame B782
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI2QTQ4MzI5LUExQUYtNDI4Mi04RDExLUFEODE1MEZCOUVCMhAAGg0IvMSKwQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=8ab4dd5bb338f73ef425a78db1053f562b7450113c99eaba635c42315bba2f28791426b5417dce21&_=2
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&it=1&iv=8ab4dd5bb338f73ef425a78db1053f562b7450113c99eaba635c42315bba2f28791426b5417dce21&_=2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Tue, 13 May 2025 01:37:01 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&it=1&iv=8ab4dd5bb338f73ef425a78db1053f562b7450113c99eaba635c42315bba2f28791426b5417dce21&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Tue, 13 May 2025 01:37:00 GMT
info
uipglob.semasio.net/adform/1/ Frame B782
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=26A48329-A1AF-4282-8D11-AD8150FB9EB2&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=26A48329-A1AF-4282-8D11-AD8150FB9EB2&sInitiator=external&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/15927723?&gdpr=0&gdpr_consent=&sInitiator=external&sExtCookieId=26A48329-A1AF-4282-8D11-AD8150FB9EB2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d
  • https://sg.semasio.net/sync/1/32675800?&gdpr=0&gdpr_consent=&sInitiator=internal&sExtCookieId=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsa.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=0&gdpr_consent=
  • https://sa.semasio.net/sync/1/4354957?sExtCookieId=4945208088227563320&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6003897296636376560&sInitiator=internal&gdpr=0&gdpr_consent=
  • https://sg.semasio.net/sync/1/16266044?sExtCookieId=6003897296636376560&gdpr=0&gdpr_consent=&sInitiator=internal
  • https://sync.srv.stackadapt.com/sync?nid=semasio
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=0LdLNqmUWyRyUf4jdQPf-mds5_Y&gdpr=&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=semasio
  • https://sg.semasio.net/sync/1/30805874?$sType=sync&sInitiator=internal&sExtCookieId=0LdLNqmUWyRyUf4jdQPf-mds5_Y&gdpr=&gdpr_consent=
  • https://track.adform.net/serving/cookie/match/?party=1008&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6003897296636376560&sInitiator=internal&gdpr=0&gdpr_consent=
42 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6003897296636376560&sInitiator=internal&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
HTTP/1.1
Server
95.173.218.112 Praha 10, Czech Republic, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-95-173-218-112.datapacket.com
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Routing-Server-ID
-1
Frontend-ID
4
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 01 Jan 2011 12:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
42
UIP-Response-Status
Ok
Date
Tue, 13 May 2025 01:37:04 GMT
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
location
https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=6003897296636376560&sInitiator=internal&gdpr=0&gdpr_consent=
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
-1
access-control-allow-origin
*
content-length
0
date
Tue, 13 May 2025 01:37:04 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
qmap
sync.crwdcntrl.net/ Frame B782
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=&ct=y
49 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Server
18.139.55.202 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-55-202.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
expires
0
access-control-allow-origin
*
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
49
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/gif

Redirect headers

expires
0
cache-control
no-cache
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=&ct=y
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Tue, 13 May 2025 01:37:00 GMT
pragma
no-cache
ImgSync
image8.pubmatic.com/AdServer/ Frame B782
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjZBNDgzMjktQTFBRi00MjgyLThEMTEtQUQ4MTUwRkI5RUIy&gdpr=0&gdpr_consent=&google_cm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC7qFnRKZirf2e4bD2JuNvs&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2fbcf7897b990a6a&is_secure=true&networkId=17100&version=1&nuid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AQACsbMBv6wn1wI4t-YyAQEBAQEBAQCXxkjBUQEBAQEBAQEB&expiration=1747186621&nuid=26A48329-A1AF-42...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Server
67.199.150.82 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 13 May 2025 01:37:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:01 GMT
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B782
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JqSDKaGvQoKNEa2BUPuesg%3D%3D&gdpr=0&gdpr_consent=&google_cm
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEPnno3Qu6WDlI_ErVsbn1pA&google_cver=1
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEPnno3Qu6WDlI_ErVsbn1pA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Server
23.221.132.242 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-132-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
max-age=132494
content-encoding
gzip
expires
Wed, 14 May 2025 14:25:13 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
6694
date
Tue, 13 May 2025 01:36:59 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
content-type
text/html
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEPnno3Qu6WDlI_ErVsbn1pA&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
362
date
Tue, 13 May 2025 01:36:59 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
SPug
image4.pubmatic.com/AdServer/ Frame B782
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC7qFnRKZirf2e4bD2JuNvs&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-H8XhCptE2uXNHZUQ437yqIl0I5eHvSw-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-H8XhCptE2uXNHZUQ437yqIl0I5eHvSw-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:00 GMT
server
nginx

Redirect headers

strict-transport-security
max-age=31536000
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-H8XhCptE2uXNHZUQ437yqIl0I5eHvSw-~A&gdpr=0
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 13 May 2025 01:37:01 GMT
content-type
text/html
server
ATS
setuid
sea1-sync.a-mo.net/ Frame B782
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C949DC6242884B3DB9970167C506A2FF
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
0
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 13 May 2025 01:37:00 GMT
x-envoy-upstream-service-time
2
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

location
https://sea1-sync.a-mo.net/setuid?A=5a737115-36cb-4ede-8910-c8d66ada0f7a&bidder=pubmatic&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
160
date
Tue, 13 May 2025 01:37:00 GMT
content-type
text/html; charset=utf-8
26A48329-A1AF-4282-8D11-AD8150FB9EB2
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B782 		43 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/26A48329-A1AF-4282-8D11-AD8150FB9EB2?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.28.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-28-10.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
43
date
Tue, 13 May 2025 01:36:59 GMT
content-type
image/gif
server
ATS
x-frame-options
DENY
sca.17.6.4.js
static.adsafeprotected.com/ Frame 2040 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: 0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com
URL: https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/safeframe/1-0-44/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-125.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

content-encoding
gzip
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
age
292918
x-cache
Hit from cloudfront
x-amz-cf-id
UiDZIGP2MX5elkkJMGR7gTbuvyl3_9dEnF_BM6DQ_sHXDhvSgi8txg==
date
Fri, 09 May 2025 16:15:01 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 13 May 2024 16:44:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 0e5fad4fbda422b5e31318b5a1ff65b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
mon
pixel.adsafeprotected.com/ Frame 46F0 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=922805&campId=2560x1440&pubId=5708625285&chanId=22126653788&placementId=6972963992&pubCreative=138516301572&pubOrder=3751191092&cb=1188325430&adsafe_par&impId=c0f81c18-2f9a-11f0-8398-ae07cd09f6f2&custom2=direct&custom3=home-front&ias_adpath=.gravity-viewable&adsafe_url=https%3A%2F%2Fwww.telegram.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.telegram.com%2F&adsafe_type=ce&adsafe_url=https%3A%2F%2F0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-44%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:d011e0b6-1a1f-670b-b931-15029ebc3a84,c:cuaDAd,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-7b5cb49db-w6zgx,rg:au,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1494,mot:0,app:0,maw:0,tdt:s,fm:uL2msZq+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18111%7C1812%7C1813%7C18141%7C18142%7C18143%7C1815%7C1816%7C1817%7C1818%7C1819%7C19%7C1a*.922805%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:1a*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1554,oid:c22ccb73-2f9a-11f0-81a9-9e3105931820,v:19.8.587,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.236.254.232 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-236-254-232.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 13 May 2025 01:36:59 GMT
pragma
no-cache
content-type
image/gif
dt
dt.adsafeprotected.com/ Frame 46F0 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=d011e0b6-1a1f-670b-b931-15029ebc3a84&tv=%7Bc:cuaDAz,pingTime:-2,time:1575,type:a,im:%7Bsf:1,pom:1,prf:%7BbeA:507,beZ:510,mfA:2001,cmA:2004,inA:2005,inZ:2009,prA:2009,prZ:2056,si:2061,poA:2062,poZ:2072,cmZ:2072,mfZ:2072,loA:2078,loZ:2080,ltA:2082,ltZ:2082,mdA:511,mdZ:1955%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.900,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:1552%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:1576,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1552,wc:720.720.1600.1200,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:uL2msZq+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18111%7C1812%7C1813%7C18141%7C18142%7C18143%7C1815%7C1816%7C1817%7C1818%7C1819%7C19%7C1a*.922805%7C1a1%7C1b%7C1c%7C1d%7C1e%7C1f,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:1555,nmsd:-1,nph:-1,sinceFw:20,readyFired:true%7D&br=c
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.147.89.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-89-20.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 13 May 2025 01:37:00 GMT
pragma
no-cache
content-type
image/gif
dt
dt.adsafeprotected.com/ Frame 46F0 		43 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=922805&asId=d011e0b6-1a1f-670b-b931-15029ebc3a84&tv=%7Bc:cuaDKr,pingTime:-10,time:2187,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTQ4MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTM2LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1747100220139%7C%7C0aea0358538e64f766f7f652593adf25%7C%7C06b4a7e6274c16710a1f6ac7ae09eff9%7C%7C3c7ccc50d9556425fdfc50fc271aed21%7C%7C6ebdc2f0790491c4d118320629881570%7C%7Ca3cd2615326ef36db5cb1342c1b17213%7C%7Cbc1aefc1868cfacbca6a59069b93be60%7C%7C825f75d272fe3bf9f30f3f60948b4ab4%7C%7C1715618633,sca:%7Beng:b,tss:%7Blts:2025-05-1309.36.59,tzo:-480,tzn:Australia/Perth%7D,bdp:%7Bcdp:1%7D,mob:%7Bori:0,ges:0,tch:0%7D,prp:%7Bnot:1,csi:1,msl:0,hdl:1,aps:0,hae:1,ito:1,sec:1%7D,exr:%7Bexs:objectExternal%7D,ifr:%7Bact:1,eff:1%7D,uai:%7Bent:1%7D,nit:%7Bpqr:denied,ntr:default%7D,cdc:%5B2,2,2,2,0,0,0,0,0,2,0,2,0,0,2,2,2,2%5D%7D,env:%7Bar:self.0%7D%7D
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.147.89.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-89-20.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://0c56c2f5965e629bdfe4a9def0382b4c.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-length
43
date
Tue, 13 May 2025 01:37:00 GMT
pragma
no-cache
content-type
image/gif
setuid
www.telegram.com/pbd/
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dcolossusssp%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://www.telegram.com/pbd/setuid?bidder=colossusssp&gdpr=&gdpr_consent=&f=i&uid=395651b3-aa39-46bd-8d4e-d0dd7017dd76
86 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/pbd/setuid?bidder=colossusssp&gdpr=&gdpr_consent=&f=i&uid=395651b3-aa39-46bd-8d4e-d0dd7017dd76
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:37:01 GMT
content-type
image/png
vary
accept-encoding
x-served-by
cache-per12622-PER
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100221.495208,VS0,VE54
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block

Redirect headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Cache-Control
no-cache, no-store, must-revalidate
Location
https://www.telegram.com/pbd/setuid?bidder=colossusssp&gdpr=&gdpr_consent=&f=i&uid=395651b3-aa39-46bd-8d4e-d0dd7017dd76
Pragma
no-cache
Connection
keep-alive
Expires
0
Date
Tue, 13 May 2025 01:37:01 GMT
Server
nginx
ecm3
s.amazon-adsystem.com/ Frame 86BE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=94786221-a2fa-4320-ad0a-5ee72622cf68
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://match.sharethrough.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
P8C7X4XWPPFT2DMXNGVT
Content-Length
43
Date
Tue, 13 May 2025 01:37:00 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
v1
match.sharethrough.com/sync/ Frame 86BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=OTQ3ODYyMjEtYTJmYS00MzIwLWFkMGEtNWVlNzI2MjJjZjY4
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://match.sharethrough.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

cache-control
no-cache, must-revalidate
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
260
date
Tue, 13 May 2025 01:37:00 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
v1
match.sharethrough.com/sync/ Frame 86BE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://match.sharethrough.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=
content-length
323
date
Tue, 13 May 2025 01:37:00 GMT
server
Kestrel
sharethrough
sync.1rx.io/usersync2/ Frame 86BE 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync2/sharethrough
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://match.sharethrough.com/

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Tue, 13 May 2025 01:37:00 GMT
pragma
no-cache
v1
match.sharethrough.com/sync/ Frame 86BE
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=94786221-a2fa-4320-ad0a-5ee72622cf68&gdpr=0&gdpr_consent=
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=57e886eb718d0a41&is_secure=true&networkId=44410&version=1&nuid=94786221-a2fa-4320-ad0a-5ee72622cf68&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AQACv-b6UOcFqQIn4JtzAQEBAQEBAQCXxki_egEBAQEBAQEB&expiration=1747186621&nuid=94786221-a2fa-4320-ad0a-5ee72622...
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AQACv-b6UOcFqQIn4JtzAQEBAQEBAQCXxki_egEBAQEBAQEB&expiration=1747186621&nuid=94786221-a2fa-4320-ad0a-5ee72622cf68&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://match.sharethrough.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AQACv-b6UOcFqQIn4JtzAQEBAQEBAQCXxki_egEBAQEBAQEB&expiration=1747186621&nuid=94786221-a2fa-4320-ad0a-5ee72622cf68&is_secure=true&gdpr_consent=&gdpr=0
content-length
0
date
Tue, 13 May 2025 01:37:01 GMT
pragma
no-cache
server
nginx
cs
cs-server-s2s.yellowblue.io/ Frame FD15
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=58ceaaf5-c766-4c17-869a-d76e43401714&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11563&id=658fd283-c4a9-49a1-86f4-281f5dce3a86
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11563&id=658fd283-c4a9-49a1-86f4-281f5dce3a86
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
174.129.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-199-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cs-server-s2s.yellowblue.io/

Response headers

access-control-expose-headers
X-Reason
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
content-length
0
date
Tue, 13 May 2025 01:37:01 GMT
content-type
application/javascript
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11563&id=658fd283-c4a9-49a1-86f4-281f5dce3a86
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:37:00 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
cksync.php
contextual.media.net/ Frame FD15 		86 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&gdpr=%5BGDPR%5D&gdpr_consent=%5BUSER_CONSENT%5D&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11585%26id%3D%3Cvsid%3E&type=ris
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.252.83 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-252-83.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cs-server-s2s.yellowblue.io/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
expires
Tue, 13 May 2025 01:37:01 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
86
date
Tue, 13 May 2025 01:37:01 GMT
content-type
image/gif
server
Apache
cs
cs.yellowblue.io/ Frame FD15
Redirect Chain
  • https://match.sharethrough.com/universal/v1?gdpr=0&gdpr_consent=&supply_id=5926d422
  • https://cs.yellowblue.io/cs?aid=11587&uid=ae08b51a-8d4a-4366-8bc7-0a58e8754d90&gdpr=0
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=ae08b51a-8d4a-4366-8bc7-0a58e8754d90&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
52.10.74.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-74-77.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cs-server-s2s.yellowblue.io/

Response headers

access-control-expose-headers
X-Reason
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
content-length
0
date
Tue, 13 May 2025 01:37:01 GMT
content-type
application/javascript
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

Redirect headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
location
https://cs.yellowblue.io/cs?aid=11587&uid=ae08b51a-8d4a-4366-8bc7-0a58e8754d90&gdpr=0
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame FD15
Redirect Chain
  • https://sync.go.sonobi.com/us?consent_string=&gdpr=0&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=115667&uid=6b0c2c1a-ae65-41c3-8419-150d092adef4
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=115667&uid=6b0c2c1a-ae65-41c3-8419-150d092adef4
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
174.129.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-199-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cs-server-s2s.yellowblue.io/

Response headers

access-control-expose-headers
X-Reason
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
content-length
0
date
Tue, 13 May 2025 01:37:01 GMT
content-type
application/javascript
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

Redirect headers

cache-control
no-cache, no-store, private
location
https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=115667&uid=6b0c2c1a-ae65-41c3-8419-150d092adef4
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 13 May 2025 01:37:01 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-lax-1-5-91
x-xss-protection
0
cs
cs-server-s2s.yellowblue.io/ Frame FD15
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11596%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D%24UID
  • https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11596&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=4945208088227563320
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11596&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=4945208088227563320
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
174.129.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-199-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cs-server-s2s.yellowblue.io/

Response headers

access-control-expose-headers
X-Reason
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
content-length
0
date
Tue, 13 May 2025 01:37:01 GMT
content-type
application/javascript
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

Redirect headers

cache-control
no-store, no-cache, private
location
https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11596&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=4945208088227563320
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.108.231.246; 103.108.231.246; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
ab14702b-161b-4e1e-a448-02cb8a1e616b
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 13 May 2025 01:37:01 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
csync.loopme.me/ Frame FD15 		0
0
ecm3
s.amazon-adsystem.com/ Frame FD15
Redirect Chain
  • https://s.ad.smaato.net/c/?dspId=1002486&dspCookie=dDUwEa7rkp_s&gdpr=0&gdpr_consent=
  • https://sync.inmobi.com/setuid?bidderID=82&dspUserId=2defe1ac4f
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=7&google_push=&retry=
  • https://sync.inmobi.com/sync?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr_consent=&gdpr=&us_privacy=&gdpr_pd=&source=7&google_push=&retry=true
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-7-b8f550a4-a88a-4aac-bf57-0e5ce92c98e0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-7-b8f550a4-a88a-4aac-bf57-0e5ce92c98e0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cs-server-s2s.yellowblue.io/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
XG678P8XAMJPTM23YPWB
Content-Length
43
Date
Tue, 13 May 2025 01:37:03 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-7-b8f550a4-a88a-4aac-bf57-0e5ce92c98e0
content-length
0
date
Tue, 13 May 2025 01:37:02 GMT
x-envoy-upstream-service-time
2
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server
envoy
cs
cs-server-s2s.yellowblue.io/ Frame 5F61
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11607%26uid%3D%24UID
  • https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11607&uid=KptAALZHeceMtXCFTrGEFLT-
0
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11607&uid=KptAALZHeceMtXCFTrGEFLT-
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.129.199.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-199-219.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-expose-headers
X-Reason
content-length
0
content-type
application/javascript
date
Tue, 13 May 2025 01:37:01 GMT
server
istio-envoy
x-envoy-upstream-service-time
1

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
content-length
0
date
Tue, 13 May 2025 01:37:00 GMT
location
https://cs-server-s2s.yellowblue.io/cs?fwrd=1&aid=11607&uid=KptAALZHeceMtXCFTrGEFLT-
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1B53
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=rise_engage
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engage
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engage
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 13 May 2025 01:37:01 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 May 2025 01:37:01 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engage
server
AkamaiGHost
cmAdService.js
vidstat.taboola.com/vpaid/units/35_5_7/infra/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/35_5_7/infra/cmAdService.js
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8aa9338281095c49288dff8ad8537b1e7e1d0a9d08c9b3b3ada61496f9839776

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin
https://www.telegram.com
Referer
https://www.telegram.com/

Response headers

content-encoding
gzip
etag
"72166a3662f4af3280844ac73d154ddd"
age
59535
x-amz-meta-gid
0
x-amz-meta-mtime
1747040605
x-amz-meta-mode
33188
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
Hit from cloudfront, HIT
x-amz-cf-id
4-Mctp5OrNdqIvvoifLD_s8JnWLiPRqKVuE-nB-WTKPy2MN6Q-Twzw==
date
Tue, 13 May 2025 01:37:00 GMT
content-type
application/javascript
last-modified
Mon, 12 May 2025 09:03:27 GMT
x-served-by
cache-per12625-PER
x-cache-hits
1610
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=2592000
x-timer
S1747100221.816818,VS0,VE0
via
1.1 c620c24843ba52dc40b8e14dfbb9a10c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-meta-uid
0
accept-ranges
bytes
access-control-allow-origin
*
content-length
12093
x-amz-cf-pop
MEL52-P1
x-amz-meta-ctime
1747040606
server
AmazonS3
x-amz-server-side-encryption
AES256
setuid
www.telegram.com/pbd/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-gannett&redirect_domain=www.telegram.com&gdpr=&gdpr_consent=&us_privacy=
  • https://www.telegram.com/pbd/setuid?bidder=rubicon&uid=MALUD0GT-1P-E43L
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/pbd/setuid?bidder=rubicon&uid=MALUD0GT-1P-E43L
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:37:01 GMT
content-type
image/png
vary
accept-encoding
x-served-by
cache-per12622-PER
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100222.712843,VS0,VE54
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://www.telegram.com/pbd/setuid?bidder=rubicon&uid=MALUD0GT-1P-E43L
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
550b0c1400f70e56269f7c1848fb3166
content-length
0
Content-Type
text/html
SPug
simage4.pubmatic.com/AdServer/ Frame B782 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:01 GMT
server
nginx
sync
id.a-mx.com/ Frame E20A 		99 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync?tao=1&&uid=5a737115-36cb-4ede-8910-c8d66ada0f7a
Requested by
Host: a.amxrtb.com
URL: https://a.amxrtb.com/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
79.127.230.245 Singapore, Singapore, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-79-127-230-245.datapacket.com
Software
/
Resource Hash
f837e1f0f72afff4f075b7f2cec0a9bc1e257a96fe83796401a1a11feca8e3a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

access-control-allow-origin
https://imprsgmp.taboola.com
Timing-Allow-Origin
https://imprsgmp.taboola.com
content-length
99
date
Tue, 13 May 2025 01:37:00 GMT
content-type
application/json
access-control-allow-credentials
true
rum
id.rtb.mx/ Frame E20A 		0
831 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://id.rtb.mx/rum?uid=5a737115-36cb-4ede-8910-c8d66ada0f7a&d=1747100221316
Requested by
Host: a.amxrtb.com
URL: https://a.amxrtb.com/js/cframe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
79.127.230.245 Singapore, Singapore, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
unn-79-127-230-245.datapacket.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://imprsgmp.taboola.com/

Response headers

date
Tue, 13 May 2025 01:37:01 GMT
access-control-allow-origin
https://imprsgmp.taboola.com
access-control-allow-credentials
true
setuid
prebid.adnxs.com/pbs/v1/ Frame E20A 		0
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.adnxs.com/pbs/v1/setuid?bidder=amx&uid=5a737115-36cb-4ede-8910-c8d66ada0f7a&gdpr=0&us_privacy=1---
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.250.0.199 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.sin3.adnexus.net
Software
nginx/1.25.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
0
Content-Length
0
Date
Tue, 13 May 2025 01:37:02 GMT
Content-Type
text/html
Vary
Origin
Server
nginx/1.25.1
setuid
ow.pubmatic.com/ Frame E20A 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=5a737115-36cb-4ede-8910-c8d66ada0f7a&gdpr=0&us_privacy=1---
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.86 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://imprsgmp.taboola.com/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Length
0
Date
Tue, 13 May 2025 01:37:01 GMT
Content-Type
text/html
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=&expires=365
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=e028401f-2b8a-4983-9f20-5999437e5cf4&google_hm=ZTAyODQwMWYtMmI4YS00OTgzLTlmMjAtNTk5OTQzN2U1Y2Y0&...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBUrNMVnQkduB9v2t2pGZJw&google_cver=1&ssp=sonobi&bsw_param=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr_consent=&gdpr=0
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=0&gdpr_consent=&us_privacy=
49 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
72.34.249.225 Monterey Park, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, private
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
49
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 13 May 2025 01:37:02 GMT
tcn
Choice
content-type
image/gif
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-lax-1-5-91
x-xss-protection
0

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=0&gdpr_consent=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:37:02 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://taboola-d.openx.net/w/1.0/pd
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:37:01 GMT
content-type
image/gif
vary
Accept

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2961834579920080504&gdpr=0&gdpr_consent=&us_privacy=
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length
0
Date
Tue, 13 May 2025 01:37:02 GMT
Pragma
no-cache
Connection
keep-alive
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D...
  • https://sync.go.sonobi.com/us.gif?nw=bs&nuid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155&gdpr=0&gdpr_consent=
49 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155&gdpr=0&gdpr_consent=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
72.34.249.225 Monterey Park, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, private
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
49
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 13 May 2025 01:37:03 GMT
tcn
Choice
content-type
image/gif
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-lax-1-5-91
x-xss-protection
0

Redirect headers

strict-transport-security
max-age=31536000
location
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155&gdpr=0&gdpr_consent=
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Tue, 13 May 2025 01:37:03 GMT
server
Jetty(11.0.25)
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1978557999580490258
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1978557999580490258
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
72.34.249.225 Monterey Park, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, private
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
49
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 13 May 2025 01:37:03 GMT
tcn
Choice
content-type
image/gif
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-lax-1-5-91
x-xss-protection
0

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1978557999580490258
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Date
Tue, 13 May 2025 01:37:02 GMT
Server
Jetty(9.4.51.v20230217)
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=9a1db44c9c&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&pubid=9a1db44c9c
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&pubid=9a1db44c9c
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
72.34.249.225 Monterey Park, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, private
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
49
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 13 May 2025 01:37:02 GMT
tcn
Choice
content-type
image/gif
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-lax-1-5-91
x-xss-protection
0

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&pubid=9a1db44c9c
content-length
227
date
Tue, 13 May 2025 01:37:01 GMT
server
Kestrel
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=286
  • https://sync.go.sonobi.com/us.gif?nw=st&nuid=0LdLNqmUWyRyUf4jdQPf-mds5_Y
49 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=st&nuid=0LdLNqmUWyRyUf4jdQPf-mds5_Y
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
72.34.249.225 Monterey Park, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, private
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
49
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Tue, 13 May 2025 01:37:03 GMT
tcn
Choice
content-type
image/gif
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-lax-1-5-91
x-xss-protection
0

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=st&nuid=0LdLNqmUWyRyUf4jdQPf-mds5_Y
Content-Length
99
Date
Tue, 13 May 2025 01:37:02 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame 1B53 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
c7fa2a6bc15b53b38aefc72fd25e45a3033da35ceb09c4d69f99e69a71725384

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=rise_engage

Response headers

cache-control
max-age=55309
content-encoding
gzip
expires
Tue, 13 May 2025 16:58:50 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11385
date
Tue, 13 May 2025 01:37:01 GMT
last-modified
Mon, 12 May 2025 16:59:24 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame B782 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35397380&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
825f40c02f1405e054e2c5b8ce2ab2799dbaa81181ab156c4280255c10d29589

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
1076
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:01 GMT
content-type
text/html; charset=UTF-8
setuid
www.telegram.com/pbd/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%...
  • https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
86 B
970 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:37:02 GMT
content-type
image/png
vary
accept-encoding
x-served-by
cache-per12622-PER
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100222.362122,VS0,VE54
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block

Redirect headers

cache-control
private,max-age=86400
location
https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
155
date
Tue, 13 May 2025 01:37:01 GMT
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame FCF1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4945208088227563320&gdpr=0&gdpr_consent=
42 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4945208088227563320&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 May 2025 01:37:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a54206bd-6c4e-44f4-a99c-ec6df285a075
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 13 May 2025 01:37:02 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4945208088227563320&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
103.108.231.246; 103.108.231.246; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
x-xss-protection
0
setuid
www.telegram.com/pbd/ Frame 2D9C
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=193duivsmdwk
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-store
content-encoding
br
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
image/png
date
Tue, 13 May 2025 01:37:02 GMT
document-policy
include-js-call-stacks-in-crash-reports
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
referrer-policy
no-referrer
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
accept-encoding
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-per12622-PER
x-timer
S1747100223.617026,VS0,VE54
x-xss-protection
1;mode=block

Redirect headers

cache-control
private,max-age=86400
content-length
155
content-type
text/html; charset=utf-8
date
Tue, 13 May 2025 01:37:02 GMT
location
https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 9279
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=adb916ec-2f83-4c04-9029-8d8db71a5702&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D26A48329-A1AF-4282-8D11-AD8150FB9EB2
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
0
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.110.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-37.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length
0
date
Tue, 13 May 2025 01:37:05 GMT
via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-amz-cf-id
Uu1e7JU0oSUDRmr1FyHpS7xDdR5VspjW-h9WmM-FqhF-PTXxlVURow==
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 13 May 2025 01:37:04 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
setuid
www.telegram.com/pbd/ Frame AC77
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&tc=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=UDmvwoLDsDsjv-Tiea23UhVry9eZt40-_Pu8XC0hJ7M&pi=pubmatic&gdpr=0&gdpr_consent=&us_privacy=&g...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-store
content-encoding
br
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
content-type
image/png
date
Tue, 13 May 2025 01:37:04 GMT
document-policy
include-js-call-stacks-in-crash-reports
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
referrer-policy
no-referrer
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
accept-encoding
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-per12622-PER
x-timer
S1747100225.552461,VS0,VE54
x-xss-protection
1;mode=block

Redirect headers

cache-control
private,max-age=86400
content-length
155
content-type
text/html; charset=utf-8
date
Tue, 13 May 2025 01:37:02 GMT
location
https://www.telegram.com/pbd/setuid?bidder=pubmatic&f=i&gdpr=&gdpr_consent=&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 4604
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=&__qcmcs=1
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cNOn-yfZpqxr3_esJN-4qCDfoqtrifesc9qfpeKV
42 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cNOn-yfZpqxr3_esJN-4qCDfoqtrifesc9qfpeKV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 13 May 2025 01:37:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-store, proxy-revalidate
content-length
0
date
Tue, 13 May 2025 01:37:02 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cNOn-yfZpqxr3_esJN-4qCDfoqtrifesc9qfpeKV
strict-transport-security
max-age=86400
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 41E1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_...
85 B
171 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aCKiPgAAAKJcegA_
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
877
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 13 May 2025 01:37:02 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
1763
x-robots-tag
noindex
x-served-by
cache-per12626-PER
x-timer
S1747100222.447813,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 13 May 2025 01:37:02 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=0&gdpr_consent=&_test=aCKiPgAAAKJcegA_
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-robots-tag
noindex
x-served-by
cache-per12626-PER
x-timer
S1747100222.146618,VS0,VE253
ecm3
s.amazon-adsystem.com/ Frame 6F1A 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 13 May 2025 01:37:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
08KG186N81D3FGGKYSSD
receive
pixel.tapad.com/idsync/ex/ Frame B782
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=26A48329-A1AF-4282-8D11-AD8150FB9EB2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=26A48329-A1AF-4282-8D11-AD8150FB9EB2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8c5adefd-e1be-4d28-b777-2b6b5718469d%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttd_puid=8c5adefd-e1be-4d28-b777-2b6b5718469d%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttd_puid=8c5adefd-e1be-4d28-b777-2b6b5718469d%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.25) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Tue, 13 May 2025 01:37:02 GMT
content-type
image/png
server
Jetty(11.0.25)

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttd_puid=8c5adefd-e1be-4d28-b777-2b6b5718469d%2C%2C
content-length
359
date
Tue, 13 May 2025 01:37:02 GMT
server
Kestrel
khaos.json
token.rubiconproject.com/ Frame 1B53 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
content-length
7
content-type
application/json; charset=UTF-8
usersync.html
cdn.undertone.com/js/ Frame 993E 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.20.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-20-87.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09243d4b2e2c60a9c68fdb114caea8f64f74d231b9d1162a23555d9227cc4692

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age
50745
content-encoding
gzip
content-type
text/html
date
Mon, 12 May 2025 11:31:18 GMT
etag
W/"3af44066cfecd60369001ebdc2bd7e99"
last-modified
Sun, 02 Feb 2025 17:23:12 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 ece2a231e09716eb97b51099bf5928fe.cloudfront.net (CloudFront)
x-amz-cf-id
30IUvUgo-qtwqdp-p9lHHwrRpjrHQSXET80CNGmOitCA-iQW3KMdjA==
x-amz-cf-pop
SYD62-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
NqL_IFt0LsBFvwomCEjhjZem3vPHN2RJ
x-cache
Hit from cloudfront
cs
cs.yellowblue.io/ Frame 1B53
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=MALUD0GT-1P-E43L
  • https://cs.yellowblue.io/cs?aid=11590&id=MALUD0GT-1P-E43L
0
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=MALUD0GT-1P-E43L
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Protocol
H2
Server
52.10.74.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-74-77.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

access-control-expose-headers
X-Reason
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://eus.rubiconproject.com/
content-length
0
date
Tue, 13 May 2025 01:37:04 GMT
content-type
application/javascript
server
istio-envoy
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cs.yellowblue.io/cs?aid=11590&id=MALUD0GT-1P-E43L
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
413d5c0bc8511bb08cd28279cbcfceeb
content-length
0
Content-Type
text/html
OpportunityServlet
sg-vid-events.taboola.com/ 		1 B
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sg-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/35_5_7/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.telegram.com/

Response headers

access-control-allow-origin
https://www.telegram.com
content-length
1
date
Tue, 13 May 2025 01:37:02 GMT
server
nginx
access-control-allow-credentials
true
setuid
px.ads.linkedin.com/ Frame 1B53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MALUD0GT-1P-E43L
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MALUD0GT-1P-E43L
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
150.171.22.12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 1A6BB774F92044F2BD9993EB8B7D2768 Ref B: PER311000101053 Ref C: 2025-05-13T01:37:02Z
x-li-fabric
prod-lor1
x-li-uuid
AAY0+ngu8wky33Z6x0VwTA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 13 May 2025 01:37:02 GMT

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MALUD0GT-1P-E43L
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Pragma
no-cache
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 1B53
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&gdpr=0&gdpr_consent=&expires=30
content-length
289
date
Tue, 13 May 2025 01:37:02 GMT
server
Kestrel
tap.php
pixel.rubiconproject.com/ Frame 1B53
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE7-JVHof3o3JrgXPJFIheU&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE7-JVHof3o3JrgXPJFIheU&google_cver=1
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEE7-JVHof3o3JrgXPJFIheU&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
326
date
Tue, 13 May 2025 01:37:02 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
tap.php
pixel.rubiconproject.com/ Frame 1B53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YF36X0Wd_tC4PjF9CQDX0cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-IEQU5CxE2oKG0XRkvIMPIrStwwnv40VKA2IDCg--~A
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-IEQU5CxE2oKG0XRkvIMPIrStwwnv40VKA2IDCg--~A
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-IEQU5CxE2oKG0XRkvIMPIrStwwnv40VKA2IDCg--~A
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
0
date
Tue, 13 May 2025 01:37:02 GMT
server
ATS
x-frame-options
DENY
dcm
s.amazon-adsystem.com/ Frame 1B53 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
HVBD5E84SJ8YA5MV8E41
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Tue, 13 May 2025 01:37:02 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
ecm3
s.amazon-adsystem.com/ Frame 1B53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=MALUD0GT-1P-E43L&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=MALUD0GT-1P-E43L&ex=d-rubiconproject.com&status=ok
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Server
98.82.158.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-158-241.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
N12S1CG0YWTWZ4G0Y55R
Content-Length
43
Date
Tue, 13 May 2025 01:37:02 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=MALUD0GT-1P-E43L&ex=d-rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d264e84c9dc1a645a3048554992c5d82
content-length
0
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 1B53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYzZmViMTZlZjcyYTU2ZDQ3YTA3NzAwZmNiODVhNjJjY2Y2OGY4OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYzZmViMTZlZjcyYTU2ZDQ3YTA3NzAwZmNiODVhNjJjY2Y2OGY4OQ
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H3
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 13 May 2025 01:37:03 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjYzZmViMTZlZjcyYTU2ZDQ3YTA3NzAwZmNiODVhNjJjY2Y2OGY4OQ
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d335433bbbe0efeac67146df47932f6f
Pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1B53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUFMVUQwR1QtMVAtRTQzTA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG-KZtEs5JlafEvAFrAXylw&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUFMVUQwR1QtMVAtRTQzTA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUFMVUQwR1QtMVAtRTQzTA==&google_push=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H3
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 13 May 2025 01:37:03 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUFMVUQwR1QtMVAtRTQzTA==&google_push=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
content-length
0
Content-Type
text/html
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1B53 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
6RM4VGMQQJ50HNGHB2S7
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Tue, 13 May 2025 01:37:03 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
tap.php
pixel.rubiconproject.com/ Frame 1B53
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADhfE7QRUQAABs2Eliv_w&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADhfE7QRUQAABs2Eliv_w&expires=30
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADhfE7QRUQAABs2Eliv_w&expires=30
Content-Length
0
Date
Tue, 13 May 2025 01:37:03 GMT
Server
gunicorn
Connection
keep-alive
v1
match.sharethrough.com/sync/ Frame 1B53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MALUD0GT-1P-E43L
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MALUD0GT-1P-E43L
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MALUD0GT-1P-E43L
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
content-length
0
Content-Type
text/html
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame 1B53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MALUD0GT-1P-E43L
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MALUD0GT-1P-E43L
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MALUD0GT-1P-E43L&ckls=true&ci=gQ96OIZNep&nc=false&trid=1810506396
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MALUD0GT-1P-E43L&ckls=true&ci=gQ96OIZNep&nc=false&trid=1810506396
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
Protocol
H2
Server
108.158.32.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-32-69.syd3.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 6e1c6646ddd7c3d29e8d895186891110.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P2
x-amz-cf-id
OJ30cLWg-LujNRPV5TrFT85gplPHoyIpsbdU6e7j8U26quV1jxr3yQ==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MALUD0GT-1P-E43L&ckls=true&ci=gQ96OIZNep&nc=false&trid=1810506396
pragma
no-cache
via
1.1 6e1c6646ddd7c3d29e8d895186891110.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/gif
x-amz-cf-pop
SYD3-P2
x-amz-cf-id
6cWFixfUP2xnYxj3iwIw1FeDZuWe6Xq3uXLPS1Z1iJSdUPeh2am5CA==
receive
pixel.tapad.com/idsync/ex/ Frame 1B53
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MALUD0GT-1P-E43L
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MALUD0GT-1P-E43L
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.25) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Tue, 13 May 2025 01:37:03 GMT
content-type
image/png
server
Jetty(11.0.25)

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MALUD0GT-1P-E43L
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Pragma
no-cache
content-length
0
merge
ce.lijit.com/ Frame 1B53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=MALUD0GT-1P-E43L
43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=MALUD0GT-1P-E43L
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
54.245.127.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-245-127-213.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://ce.lijit.com/merge?pid=80&3pid=MALUD0GT-1P-E43L
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
content-length
0
Content-Type
text/html
pixel
capi.connatix.com/us/ Frame 1B53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=MALUD0GT-1P-E43L&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=MALUD0GT-1P-E43L&pId=11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H3
Server
172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
93ee6dac2ec3ec7e-ADL
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Tue, 13 May 2025 01:37:03 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://capi.connatix.com/us/pixel?puid=MALUD0GT-1P-E43L&pId=11&gdpr=&gdpr_consent=&us_privacy=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
content-length
0
Content-Type
text/html
setuid
pbs.yahoo.com/ Frame 1B53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MALUD0GT-1P-E43L
0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MALUD0GT-1P-E43L
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002486%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Protocol
H2
Server
183.177.68.211 , Hong Kong, ASN10310 (YAHOO-1, US),
Reverse DNS
e2-ha.ycpi.aue.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
0
age
0
x-envoy-decorator-operation
pbs--production-asse1.mediaplatform-gcp-prod-monetization.svc.cluster.local:4080/*
referrer-policy
no-referrer-when-downgrade
expires
0
content-length
0
date
Tue, 13 May 2025 01:37:03 GMT
content-type
text/html
vary
Origin,Accept-Encoding
server
ATS

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MALUD0GT-1P-E43L
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
550b0c1400f70e56269f7c1848fb3166
content-length
0
Content-Type
text/html
usync.html
eus.rubiconproject.com/ Frame 8E97 		269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V9LjcCABYDACZWzuhdVt-0BAAmVs7oXVbftAUAAAAABgYA9AcAJLYYWWwzi3GtcjhWa9HGYVsrLCbjWrbyuFYOm3O1MUyMAEBii5HFNrMY1yqHY7UWbRy2tcJiMq5lK49r5bA5VxvDxAoAKsZymQxqgYRl9vsOQr7bZXj4XAYZy2UyqAUylstkkLRMLs_TZ3cDQAaaTofPda_X_X530cvs8lkebrvG7_bLAQAAAADgAeD___8fAgAAAAAgAgAAAABAAgAAAACAAiCgAuDfAkDgAgAAAAAAA-D___9fAwCAYQNA4BrkADCgl9nmsvwDAAAAAAAEAAAAAIAEAECgcLcEAEDEe-wE4P________8_BmCAPvNGBuD_____BoChBwDgwQcA4EEIAAAA4GIIoDaYbRv6e2yPCAAggF-pCIARAAAAAMAZ27n9EcAkgE4AqAAsqgD-___7rQAArgAAAAIsj5NWI7MAdAcl3sIAAAAAAMYAFuhh8fvNDrvG73YZwP________-_GcD_GcA_GkBwqytFGoAQPRypGsAvIADAGsAvIAAAG8C4AQAAvAEIwAGEHQAAAADAHcD___-_HgAIrkYbx8o0m-0WNo_FsLF5bBaPbeEZDTaD2WKy8h5AjL6hULl7c2wfAIuwzH7fQch3uwwPn8sgY7lMBrVAxnKZDJKWyeV5-uwG8UHDsJwMgvkBTNhitJpMNsvhbLmYDIaj4Wi0P4CB2MwGCEDRksVqOVztJovRZrGYLHfD0WSCABQtGkxWo9FkMRmuRpPVbLnY7TYIQNGq1Wy0GQxXs8lst1sNB8PlaIQAE7YYrSaTzXI4Wy4mg-FoOBoNEQDmNo6NczhbuCUum3Mt2pg2a-Vi5HELZw7nyLEy7mYzj1v0-phujo1lN_FtEUAwAGYvkqdFOhEsBhOXyzczbgaDwWQ0Mi02o5lpZLLZVp6RYzWyiCWak0U6kV32xdVo41iZZrPdwuaxGDY2j83isS08o8FmMFtMVv7exrFxDmcLt8Rlc65FG9NmrVyMPG7hzOEcOVbG3WzmcYteH9PNsbHsJr59YzfaLQaDyWK1b-xGu8VgMFnM9h0m0zP1ORuF2fHNo5LahMvl82Y6KFwGi_ciMV3_RrXB3LsanTb1xNjdGf1-v9_v9_v9fr_foPUczAaF77dtSK_Dh3PaGGsLYoPCc7AYFLFEcJFOdA673WU6nZw-p-lhdoteZpfP8nBbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_xHgIQabuWIwnEs2i7lkNFslAAAAAAAAAACAJYBNAAAAAABOAIOYrTaD3ToBDmQyXC1Wq-UCAEz4SOkC_LwGRsaPlr7vAkTonTzjzuCcHwNcnMNud5lOJ6fPaXqY3aKX2eWzPNxWBgAAEPhgBtgM8BmAINZqtawBAAAABLABAAAABLgBdAPwBhC4BscB_v___ekBAAAA6PcBgJrCjlwp9ML5AQpksNqt9g8AIEAh1mq1ut1Yq9UKCDCYwWo0GE0g4P___58gAAAAAAAAAOrLIAAAAAAAAMCIHCFAYNtNCKAQYDBEy9_t8kJAh4C6a7xO1h8njocAAIAAy-MkUwo!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://sg-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 13 May 2025 01:37:02 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 46FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-NOSIH6VE2uGooD7JlYMMnVwdtvF1eW2f~A&gdpr_in_effect=0
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-NOSIH6VE2uGooD7JlYMMnVwdtvF1eW2f~A&gdpr_in_effect=0
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sg-match.taboola.com/

Response headers

x-fastly-to-nlb-rtt
51205
date
Tue, 13 May 2025 01:37:03 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

strict-transport-security
max-age=31536000
location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-NOSIH6VE2uGooD7JlYMMnVwdtvF1eW2f~A&gdpr_in_effect=0
age
2
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 13 May 2025 01:37:02 GMT
content-type
text/html
server
ATS
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 46FC
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=taboola&bsw_custom_parameter=e028401f-2b8a-4983-9f20-5999437e5cf4&callback=https%3A%2F%2...
  • https://x.bidswitch.net/sync?dsp_id=257&ssp=taboola&user_id=ym_user_91390131-68be-4814-8f2e-fe620a11996a&bsw_param=e028401f-2b8a-4983-9f20-5999437e5cf4
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://sg-match.taboola.com/

Response headers

x-fastly-to-nlb-rtt
50130
date
Tue, 13 May 2025 01:37:05 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e028401f-2b8a-4983-9f20-5999437e5cf4&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:37:05 GMT
usync.html
eus.rubiconproject.com/ Frame 67AC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 13 May 2025 01:37:03 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 13 May 2025 01:37:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 993E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D39%26uid%3D%7BOPENX_ID%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=c6e2a932-13e9-4887-a736-6b4a8bcbce97
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=c6e2a932-13e9-4887-a736-6b4a8bcbce97
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.67.110.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-37.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
GtQCb9UhcU_l5vNIiFC-VQYOwxgTtfw-zVfvx55cF1zZMeMnPKyf8A==
date
Tue, 13 May 2025 01:37:03 GMT
x-amz-cf-pop
SYD62-P2

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=c6e2a932-13e9-4887-a736-6b4a8bcbce97
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:37:02 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
sync
usr.undertone.com/userPixel/ Frame 993E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttl=1749692223
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttl=1749692223
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.67.110.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-37.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
-8MPS_raF6PRO6X2YzDbhCBYwlPMYYVWw6npIjlEbwCXPLtKRz4TSQ==
date
Tue, 13 May 2025 01:37:03 GMT
x-amz-cf-pop
SYD62-P2

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=8bc3fc6a-1209-4e9d-b3de-d520c6241b0d&ttl=1749692223
content-length
249
date
Tue, 13 May 2025 01:37:03 GMT
server
Kestrel
cookie
sync.cootlogix.com/api/ Frame 993E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=MALUD0GT-1P-E43L
  • https://sync.cootlogix.com/api/cookie?partnerId=rubiconut&userId=MALUD0GT-1P-E43L
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=rubiconut&userId=MALUD0GT-1P-E43L
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
68.183.122.102 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
content-length
43
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/avif
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization

Redirect headers

via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
location
https://sync.cootlogix.com/api/cookie?partnerId=rubiconut&userId=MALUD0GT-1P-E43L
content-length
0
date
Tue, 13 May 2025 01:37:03 GMT
x-amz-cf-pop
SYD62-P2
x-amz-cf-id
nWdtM49K0VBJJOYU3dsq9sIbMDlzcFZ9PdvUClNFI6LNRRRKO4_o8A==
sync
usr.undertone.com/userPixel/ Frame 993E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D26A48329-A1AF-4282-8D11-AD8150FB9EB2
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.67.110.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-37.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
T8iExIJ_2-hBxaY14t38pdXFsVAyGGnnuVBG2InCZdc7nGCkEINcZw==
date
Tue, 13 May 2025 01:37:03 GMT
x-amz-cf-pop
SYD62-P2

Redirect headers

cache-control
no-store, no-cache, private
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=26A48329-A1AF-4282-8D11-AD8150FB9EB2
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:03 GMT
server
nginx
sync
usr.undertone.com/userPixel/ Frame 993E
Redirect Chain
  • https://sync.cootlogix.com/api/user/image/55537adc33d1b40300987e8e?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D59%26uid%3D%24%7BvdzUserSyncMacro%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=59&uid=56ef7805-400b-2a7e-dfad-45cda9354750
0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=59&uid=56ef7805-400b-2a7e-dfad-45cda9354750
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.67.110.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-37.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
Dg0iWj2Fla9W-ys3XLW6AngQCqb9ppv8fONXlLElccqOtpN7ytj9LA==
date
Tue, 13 May 2025 01:37:04 GMT
x-amz-cf-pop
SYD62-P2

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=59&uid=56ef7805-400b-2a7e-dfad-45cda9354750
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
content-length
0
date
Tue, 13 May 2025 01:37:04 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
sync
usr.undertone.com/userPixel/ Frame 993E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-Ln54x4pE2uFm2UctwooodRINBa5CN9fdZwUOuW0-~A
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-Ln54x4pE2uFm2UctwooodRINBa5CN9fdZwUOuW0-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.67.110.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-37.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
zSNnBflKFGUALIpnowF-KfThAS-GaB_UjqSLTPToOsQgGVqwKNcZRQ==
date
Tue, 13 May 2025 01:37:03 GMT
x-amz-cf-pop
SYD62-P2

Redirect headers

strict-transport-security
max-age=31536000
location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-Ln54x4pE2uFm2UctwooodRINBa5CN9fdZwUOuW0-~A
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 13 May 2025 01:37:03 GMT
content-type
text/html
server
ATS
sync
usr.undertone.com/userPixel/ Frame 993E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155
0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.67.110.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-110-37.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
5O1ORbH0GGeg6RJhdd7gBzN9mkretu9CFzD144hFRaVuqIEMqhe9Wg==
date
Tue, 13 May 2025 01:37:03 GMT
x-amz-cf-pop
SYD62-P2

Redirect headers

cache-control
max-age=0,no-cache,no-store
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=0464bf1a-beb3-4d8f-943d-17769b96b5fc-6822a23e-4155
pragma
no-cache
via
1.1 google
expires
Tue, 11 Oct 1977 12:34:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length
0
date
Tue, 13 May 2025 01:37:03 GMT
server
A
syncr
usr.undertone.com/userPixel/ Frame 993E 		0
0
usync.js
eus.rubiconproject.com/ Frame 8E97 		44 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
c7fa2a6bc15b53b38aefc72fd25e45a3033da35ceb09c4d69f99e69a71725384

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Response headers

cache-control
max-age=55309
content-encoding
gzip
expires
Tue, 13 May 2025 16:58:50 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11385
date
Tue, 13 May 2025 01:37:01 GMT
last-modified
Mon, 12 May 2025 16:59:24 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5JJXNTWR1D&gtm=45je5591v887636012za200&_p=1747100216269&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509156~102938614~103101750~103101752~103116026~103130498~103130500~103200004~103233424~103251618~103251620~103284320~103284322~103301114~103301116&cid=1038686065.1747100214&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAAAAQ&_s=2&uid=8f5bc953-3ba6-4184-87c5-b7e127cc4d2a&dl=https%3A%2F%2Fwww.telegram.com%2F&dt=Worcester%20Telegram%20%3A%20Local%20News%2C%20Politics%20%26%20Sports%20in%20Worcester%2C%20MA&dp=%2F&dr=&sid=1747100216&sct=1&seg=0&tfd=9746
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f100.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.telegram.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:153:0
report-to
{"group":"ascnsrsggc:153:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:153:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.telegram.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:153:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 13 May 2025 01:37:03 GMT
content-type
text/plain
server
Golfe2
khaos.json
token.rubiconproject.com/ Frame 8E97 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=MALUD0GT-1P-E43L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4290507b7388fb86809e552482e2fff0
content-length
7
content-type
application/json; charset=UTF-8
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 8E97
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=MALUD0GT-1P-E43L
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=MALUD0GT-1P-E43L&gdpr=0&us_privacy=1---
0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=MALUD0GT-1P-E43L&gdpr=0&us_privacy=1---
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

x-fastly-to-nlb-rtt
50632
date
Tue, 13 May 2025 01:37:04 GMT
server
nginx
access-control-allow-credentials
true

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=MALUD0GT-1P-E43L&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
91c229169a155ea648dbc4d59ef8a3c5
content-length
0
Content-Type
text/html
usync.js
eus.rubiconproject.com/ Frame 67AC 		44 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.253.153 Seoul, Korea, Republic Of, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-253-153.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) / PHP/8.3.13
Resource Hash
c7fa2a6bc15b53b38aefc72fd25e45a3033da35ceb09c4d69f99e69a71725384

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=12776

Response headers

cache-control
max-age=55309
content-encoding
gzip
expires
Tue, 13 May 2025 16:58:50 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11385
date
Tue, 13 May 2025 01:37:01 GMT
last-modified
Mon, 12 May 2025 16:59:24 GMT
x-powered-by
PHP/8.3.13
server
Apache/2.4.62 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 67AC 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=MALUD0GT-1P-E43L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4290507b7388fb86809e552482e2fff0
content-length
7
content-type
application/json; charset=UTF-8
cookie
sync.cootlogix.com/api/ Frame 67AC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=MALUD0GT-1P-E43L
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=MALUD0GT-1P-E43L
  • https://sync.cootlogix.com/api/cookie?partnerId=rubiconut&userId=MALUD0GT-1P-E43L
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=rubiconut&userId=MALUD0GT-1P-E43L
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
68.183.122.102 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
content-length
43
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/avif
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization

Redirect headers

via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
location
https://sync.cootlogix.com/api/cookie?partnerId=rubiconut&userId=MALUD0GT-1P-E43L
content-length
0
date
Tue, 13 May 2025 01:37:03 GMT
x-amz-cf-pop
SYD62-P2
x-amz-cf-id
Ue9eNM6h7YAEHG8dHfCnLyCK9s-g9zRmim3cnoGmu_sKQshHEA9YCg==
setuid
www.telegram.com/pbd/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUID%7D
  • https://www.telegram.com/pbd/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=b45141da-aad9-470d-a63f-b498fd3c2c48
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.telegram.com/pbd/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=b45141da-aad9-470d-a63f-b498fd3c2c48
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/
Protocol
H2
Server
151.101.66.62 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.telegram.com/

Response headers

content-encoding
br
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
x-content-type-options
nosniff
date
Tue, 13 May 2025 01:37:03 GMT
content-type
image/png
vary
accept-encoding
x-served-by
cache-per12622-PER
x-cache-hits
0
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests;default-src https://reporting-api.gannettinnovation.com;script-src 'none';style-src 'none';worker-src 'none';font-src 'none';img-src 'none';form-action 'none';sandbox allow-same-origin;report-uri https://reporting-api.gannettinnovation.com;report-to default
cache-control
no-store
timing-allow-origin
*
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-timer
S1747100224.722973,VS0,VE54
referrer-policy
no-referrer
permissions-policy
accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=(),web-share=(),xr-spatial-tracking=()
accept-ranges
bytes
document-policy
include-js-call-stacks-in-crash-reports
x-xss-protection
1;mode=block

Redirect headers

cache-control
private, max-age=0, no-cache, must-revalidate
location
https://www.telegram.com/pbd/setuid?bidder=openx&gdpr=&gdpr_consent=&f=i&uid=b45141da-aad9-470d-a63f-b498fd3c2c48
pragma
no-cache
x-forwarded-for
103.108.231.246
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 13 May 2025 01:37:03 GMT
vary
Origin
usermatch
ssum-sec.casalemedia.com/ Frame 7DB5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Requested by
Host: www.telegram.com
URL: https://www.telegram.com/tangstatic/js/pbjsandwichdirecta9-q1a2z3812ad6d5.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6229ef4edcbea5738c73fec7426c4aecb449a0b09d78ea6e048e74f101a5315c

Request headers

Referer
https://www.telegram.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
93ee6daf5fbdcf9d-PER
content-encoding
br
content-type
text/html
date
Tue, 13 May 2025 01:37:03 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IaTDSZibum0HwqQECpj1AsjGPIpEPRmzQOazOxotytsAbt0JTfa32WRZIhs%2BpLsGSkXU%2BeDvXztKAldA3yL5jkv8CHTtD611AckFySxpn%2F8UzLV4z0ZRTtP9xSmGGZCuRCoDSUoVrzqcOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame B782 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.85 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 May 2025 01:37:04 GMT
server
nginx
31327
i.liadm.com/s/ Frame 7DB5 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=aCKiOosFVsAAMsGdAHV18gAA%264722&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.57.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-57-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Date
Tue, 13 May 2025 01:37:05 GMT
trace-id
2c676321f4ea305d
Request-Time
0
Connection
keep-alive
aCKiOosFVsAAMsGdAHV18gAAEnIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7DB5 		43 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/aCKiOosFVsAAMsGdAHV18gAAEnIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.28.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-28-10.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
43
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/gif
server
ATS
x-frame-options
DENY
crum
dsum-sec.casalemedia.com/ Frame 7DB5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADhfE7QRUQAABs2Eliv_w&expiration=1748309824
43 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADhfE7QRUQAABs2Eliv_w&expiration=1748309824
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44mTe6XGzW9hwzUX9bLaPVuPfy424yGh8g0lyFtmQ4h0KbJGWKKYSsk5lpOYt86QeNJImSCFkDvm5JtuvHN9npEvTI%2BwDyc2zuzqAjY2vqKMeVRn%2B2poVWqrodM10rUTb8L1pzAJzokQTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6db14afecf9d-PER
content-length
43
server
cloudflare

Redirect headers

strict-transport-security
max-age=2592000; includeSubDomains
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADhfE7QRUQAABs2Eliv_w&expiration=1748309824
Content-Length
0
Date
Tue, 13 May 2025 01:37:04 GMT
Server
gunicorn
Connection
keep-alive
rum
dsum-sec.casalemedia.com/ Frame 7DB5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Z4X6IzCP-3R8iap0M4nlcDeJ_3N836p0ZIwHhsi6
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Z4X6IzCP-3R8iap0M4nlcDeJ_3N836p0ZIwHhsi6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZ%2Fy9ZX8l9nUhlnoCdTL9VuVcNhIjT1IZT0jB%2Bb%2Be%2F0tMmXKeMQyycYaqCmM%2BokPmCR6JFCSuSDNHk6cQ4xxOD79ZiSyG1OSzRsi5K4sM5xV54%2BNUXq7te9SM7Vr2BSwhAayqR9k8c6Z5w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6db0da4fcf9d-PER
content-length
43
server
cloudflare

Redirect headers

strict-transport-security
max-age=86400
cache-control
private, no-store, proxy-revalidate
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Z4X6IzCP-3R8iap0M4nlcDeJ_3N836p0ZIwHhsi6
content-length
0
date
Tue, 13 May 2025 01:37:04 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7DB5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aCKiOosFVsAAMsGdAHV18gAAEnIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDvzQ21ajfP-Mzu41WbGE44&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDvzQ21ajfP-Mzu41WbGE44&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=221W7gt4SPLQ6YPNX3ZmdfRwcY1wviTzVYdmUQH94a%2B%2B1UW1LSQRDYAEXrcfYdwcZpGuq%2BR0HggpukNQCW2n4%2Biqy9%2BRscFBHniTqtwVLU2c56O8CC9XMDpqFCfOiHT66OIDGwx%2B7LIOTg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6db15b13cf9d-PER
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDvzQ21ajfP-Mzu41WbGE44&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
364
date
Tue, 13 May 2025 01:37:04 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
crum
dsum-sec.casalemedia.com/ Frame 7DB5
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=93501e681e984cb98c99bd8ce4e88dd9&expiration=1749692224
43 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=93501e681e984cb98c99bd8ce4e88dd9&expiration=1749692224
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OkNlsIcWm5lqtAu1MUkqB8B1g6E6DX1sB1emFb4dMvMk0EisKW2Xn2TzrNn6oLEzvY%2Fe3Xgt1m7NraUIwmEZfzDu56zOMRVVDZ5akcJS7JNdJygCIAcNOHLYG1Stzt55VJFw0qoLXuG0GA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:37:04 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6db34debcf9d-PER
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=93501e681e984cb98c99bd8ce4e88dd9&expiration=1749692224
pragma
no-cache
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CUR OUR NOR"
content-length
0
x-xss-protection
1; mode=block
date
Tue, 13 May 2025 01:37:04 GMT
content-type
text/html;charset=UTF-8
crum
dsum-sec.casalemedia.com/ Frame 7DB5
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10256699365696&userId=aCKiOosFVsAAMsGdAHV18gAA%264722&gdpr=&us_privacy=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=53130a43f6f4bca1&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10256699365696
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10256699365696
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=225&&external_user_id=OPU5875d76c6e4343c08a532b377af3639c
43 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=225&&external_user_id=OPU5875d76c6e4343c08a532b377af3639c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://ssum-sec.casalemedia.com/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g29hVuMMetvCGNoqotGbf7VXQFe1nfcvIHhsizXDTvmKaAyT1l6DZohtaf8sTFHm4KqJzIIOUtObX1HkbGruDLhu4Nno9k7taP1TQFvm4wJWPLs0E%2F57eyzqvHpvEvaFjzAQhckiFNGkqA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 13 May 2025 01:37:06 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
93ee6dbd1bafcf9d-PER
content-length
43
server
cloudflare

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=225&&external_user_id=OPU5875d76c6e4343c08a532b377af3639c
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
content-length
136
date
Tue, 13 May 2025 01:37:05 GMT
content-type
text/html; charset=utf-8
server
Tengine
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
demconf.jpg
dpm.demdex.net/ Frame 7DB5
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=aCKiOosFVsAAMsGdAHV18gAA%264722?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=aCKiOosFVsAAMsGdAHV18gAA%264722
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=aCKiOosFVsAAMsGdAHV18gAA%264722
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fwww.telegram.com%2Fpbd%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D
Protocol
H2
Server
44.238.143.165 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-143-165.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Heade